Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2020-26140 (GCVE-0-2020-26140)
Vulnerability from cvelistv5 – Published: 2021-05-11 19:34 – Updated: 2026-04-14 08:49
VLAI
EPSS
Summary
An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.
Severity
6.5 (Medium)
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| https://tools.cisco.com/security/center/content/C… | vendor-advisoryx_refsource_CISCO |
| https://www.fragattacks.com | x_refsource_MISC |
| https://github.com/vanhoefm/fragattacks/blob/mast… | x_refsource_MISC |
| http://www.openwall.com/lists/oss-security/2021/0… | mailing-listx_refsource_MLIST |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_CONFIRM |
| https://www.arista.com/en/support/advisories-noti… | x_refsource_MISC |
| https://cert-portal.siemens.com/productcert/html/… | |
| https://cert-portal.siemens.com/productcert/html/… |
Impacted products
23 products
| Vendor | Product | Version | |
|---|---|---|---|
| Siemens | SCALANCE W721-1 RJ45 |
Affected:
0 , < V6.6.0
(custom)
|
|
| Siemens | SCALANCE W722-1 RJ45 |
Affected:
0 , < V6.6.0
(custom)
|
|
| Siemens | SCALANCE W734-1 RJ45 |
Affected:
0 , < V6.6.0
(custom)
|
|
| Siemens | SCALANCE W734-1 RJ45 (USA) |
Affected:
0 , < V6.6.0
(custom)
|
|
| Siemens | SCALANCE W738-1 M12 |
Affected:
0 , < V6.6.0
(custom)
|
|
| Siemens | SCALANCE W748-1 M12 |
Affected:
0 , < V6.6.0
(custom)
|
|
| Siemens | SCALANCE W748-1 RJ45 |
Affected:
0 , < V6.6.0
(custom)
|
|
| Siemens | SCALANCE W761-1 RJ45 |
Affected:
0 , < V6.6.0
(custom)
|
|
| Siemens | SCALANCE W774-1 M12 EEC |
Affected:
0 , < V6.6.0
(custom)
|
|
| Siemens | SCALANCE W774-1 RJ45 |
Affected:
0 , < V6.6.0
(custom)
|
|
| Siemens | SCALANCE W774-1 RJ45 (USA) |
Affected:
0 , < V6.6.0
(custom)
|
|
| Siemens | SCALANCE W778-1 M12 |
Affected:
0 , < V6.6.0
(custom)
|
|
| Siemens | SCALANCE W778-1 M12 EEC |
Affected:
0 , < V6.6.0
(custom)
|
|
| Siemens | SCALANCE W778-1 M12 EEC (USA) |
Affected:
0 , < V6.6.0
(custom)
|
|
| Siemens | SCALANCE W786-1 RJ45 |
Affected:
0 , < V6.6.0
(custom)
|
|
| Siemens | SCALANCE W786-2 RJ45 |
Affected:
0 , < V6.6.0
(custom)
|
|
| Siemens | SCALANCE W786-2 SFP |
Affected:
0 , < V6.6.0
(custom)
|
|
| Siemens | SCALANCE W786-2IA RJ45 |
Affected:
0 , < V6.6.0
(custom)
|
|
| Siemens | SCALANCE W788-1 M12 |
Affected:
0 , < V6.6.0
(custom)
|
|
| Siemens | SCALANCE W788-1 RJ45 |
Affected:
0 , < V6.6.0
(custom)
|
|
| Siemens | SCALANCE W788-2 M12 |
Affected:
0 , < V6.6.0
(custom)
|
|
| Siemens | SCALANCE W788-2 M12 EEC |
Affected:
0 , < V6.6.0
(custom)
|
|
| Siemens | SCALANCE W788-2 RJ45 |
Affected:
0 , < V6.6.0
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:49:07.137Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.fragattacks.com"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
},
{
"name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"defaultStatus": "unknown",
"product": "SCALANCE W721-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W721-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W721-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W721-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W722-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W722-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W722-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W722-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W722-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W722-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W734-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W734-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W734-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W734-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W734-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W734-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W734-1 RJ45 (USA)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W734-1 RJ45 (USA)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W738-1 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W738-1 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W738-1 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W738-1 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W748-1 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W748-1 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W748-1 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W748-1 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W748-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W748-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W748-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W748-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W761-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W761-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W761-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W761-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W774-1 M12 EEC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W774-1 M12 EEC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W774-1 M12 EEC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W774-1 M12 EEC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W774-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W774-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W774-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W774-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W774-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W774-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W774-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W774-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W774-1 RJ45 (USA)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W774-1 RJ45 (USA)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W778-1 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W778-1 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W778-1 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W778-1 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W778-1 M12 EEC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W778-1 M12 EEC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W778-1 M12 EEC (USA)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W778-1 M12 EEC (USA)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W786-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W786-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W786-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W786-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W786-2 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W786-2 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W786-2 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W786-2 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W786-2 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W786-2 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W786-2 SFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W786-2 SFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W786-2 SFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W786-2 SFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W786-2IA RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W786-2IA RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W786-2IA RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W786-2IA RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-1 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-1 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-1 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-1 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-2 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-2 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-2 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-2 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-2 M12 EEC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-2 M12 EEC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-2 M12 EEC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-2 M12 EEC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-2 M12 EEC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-2 M12 EEC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-2 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-2 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-2 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-2 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-2 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-2 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-14T08:49:03.263Z",
"orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
"shortName": "siemens-SADP"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-913875.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-019200.html"
}
],
"x_adpType": "supplier"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-28T14:11:58.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.fragattacks.com"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
},
{
"name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-26140",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
},
{
"name": "https://www.fragattacks.com",
"refsource": "MISC",
"url": "https://www.fragattacks.com"
},
{
"name": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md",
"refsource": "MISC",
"url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
},
{
"name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"
},
{
"name": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63",
"refsource": "MISC",
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-26140",
"datePublished": "2021-05-11T19:34:42.000Z",
"dateReserved": "2020-09-29T00:00:00.000Z",
"dateUpdated": "2026-04-14T08:49:03.263Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2020-26140",
"date": "2026-06-04",
"epss": "0.00156",
"percentile": "0.36056"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2020-26140\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2021-05-11T20:15:08.687\",\"lastModified\":\"2026-04-14T09:16:22.753\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.\"},{\"lang\":\"es\",\"value\":\"Se detect\u00f3 un problema en el controlador ALFA de Windows 10 versi\u00f3n 6.1316.1209 para AWUS036H. Las implementaciones WEP, WPA, WPA2 y WPA3 aceptan tramas de texto plano en una red Wi-Fi protegida. Un adversario puede abusar de esto para inyectar tramas de datos arbitrarias independientes de la configuraci\u00f3n de la red\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:A/AC:L/Au:N/C:N/I:P/A:N\",\"baseScore\":3.3,\"accessVector\":\"ADJACENT_NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":6.5,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-327\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:alfa:awus036h_firmware:6.1316.1209:*:*:*:*:windows_10:*:*\",\"matchCriteriaId\":\"8A9FCD5B-54DD-4EF7-AB08-56EDE3B35E7B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:alfa:awus036h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BF0F9200-8AFD-4100-AF39-49476298C0E3\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:scalance_w1748-1_firmware:-:*:*:*:*:*:m12:*\",\"matchCriteriaId\":\"68C08ECE-4D09-4E57-920B-B8E94E81603A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:scalance_w1748-1:-:*:*:*:*:*:m12:*\",\"matchCriteriaId\":\"83B4B8A7-6CAE-43F7-8DCF-0129392E41A4\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:scalance_w1750d_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D412FC9-835A-4FAB-81B0-4FFB8F48ACA3\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:scalance_w1750d:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FBC30055-239F-4BB1-B2D1-E5E35F0D8911\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:scalance_w1788-1_firmware:-:*:*:*:*:*:m12:*\",\"matchCriteriaId\":\"F5154A83-2499-4756-9150-8BFD9ACEF583\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:scalance_w1788-1:-:*:*:*:*:*:m12:*\",\"matchCriteriaId\":\"7CC235C6-63B1-4085-B9AA-47EFB17A144D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:scalance_w1788-2_firmware:-:*:*:*:*:*:eec_m12:*\",\"matchCriteriaId\":\"8396EACC-A0FA-4A4A-8411-8D9ED40B7F28\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:scalance_w1788-2:-:*:*:*:*:*:eec_m12:*\",\"matchCriteriaId\":\"54C41A49-87FA-4C98-8321-2808712B2F68\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:scalance_w1788-2_firmware:-:*:*:*:*:*:m12:*\",\"matchCriteriaId\":\"F8ED25D1-973F-481A-8550-16508F73D2D2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:scalance_w1788-2:-:*:*:*:*:*:m12:*\",\"matchCriteriaId\":\"35918620-E4C5-4E46-A5A9-63009333667A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:scalance_w1788-2ia_firmware:-:*:*:*:*:*:m12:*\",\"matchCriteriaId\":\"27440732-54F0-40DF-9896-88D60ABC568A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:scalance_w1788-2ia:-:*:*:*:*:*:m12:*\",\"matchCriteriaId\":\"FC39A276-532B-428A-83BA-141B626281A5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:scalance_w721-1_firmware:-:*:*:*:*:*:rj45:*\",\"matchCriteriaId\":\"93103556-6C4A-4D35-91D1-5CDCDC740655\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:scalance_w721-1:-:*:*:*:*:*:rj45:*\",\"matchCriteriaId\":\"5DEFC044-1D95-4386-AABB-ADE1099E3F85\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:scalance_w722-1_firmware:-:*:*:*:*:*:rj45:*\",\"matchCriteriaId\":\"42759A0F-70C6-41DB-9DF9-2BC05685F678\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:scalance_w722-1:-:*:*:*:*:*:rj45:*\",\"matchCriteriaId\":\"95662406-0D7D-45B2-95F5-582FA275AC89\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:scalance_w734-1_firmware:-:*:*:*:*:*:rj45:*\",\"matchCriteriaId\":\"A0E9FB66-F577-4744-B51F-3BD25293109F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:scalance_w734-1:-:*:*:*:*:*:rj45:*\",\"matchCriteriaId\":\"079DA749-0B94-4CCF-A3B1-7669DA213B52\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:scalance_w738-1_firmware:-:*:*:*:*:*:m12:*\",\"matchCriteriaId\":\"05D1BC5E-C26E-4E3D-B0DF-014C7DE16F4A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:scalance_w738-1:-:*:*:*:*:*:m12:*\",\"matchCriteriaId\":\"D96A05C3-1549-47DD-BADA-7872246EBDA0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:scalance_w748-1_firmware:-:*:*:*:*:*:m12:*\",\"matchCriteriaId\":\"2E7375AB-BE32-4879-BB54-CF5EDAB98188\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:scalance_w748-1:-:*:*:*:*:*:m12:*\",\"matchCriteriaId\":\"0E9E26B8-1539-4E21-AEAA-45095F79382A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:scalance_w748-1_firmware:-:*:*:*:*:*:rj45:*\",\"matchCriteriaId\":\"8BD6E779-AFE3-48C3-95B7-E7BED14BAE0B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:scalance_w748-1:-:*:*:*:*:*:rj45:*\",\"matchCriteriaId\":\"5AA05DFB-5C02-4822-8D32-406C11ABFFC2\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:scalance_w761-1_firmware:-:*:*:*:*:*:rj45:*\",\"matchCriteriaId\":\"0F01F2C2-E968-45EE-BA91-39AEEFC0345C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:scalance_w761-1:-:*:*:*:*:*:rj45:*\",\"matchCriteriaId\":\"19C73CA1-2F92-4635-8D38-812D6D8ACD89\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:scalance_w774-1_firmware:-:*:*:*:*:*:m12_eec:*\",\"matchCriteriaId\":\"EA17907A-388A-42E7-ACC6-2F59C72C93F8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:scalance_w774-1:-:*:*:*:*:*:m12_eec:*\",\"matchCriteriaId\":\"A53A71EB-C346-42CD-AD58-F83F809D0CA9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:scalance_w774-1_firmware:-:*:*:*:*:*:rj45:*\",\"matchCriteriaId\":\"F801DE5A-781D-4DDA-9BD3-A9F3A4501D34\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:scalance_w774-1:-:*:*:*:*:*:rj45:*\",\"matchCriteriaId\":\"90E87633-CD6E-439B-9CE8-66A1E414F09D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:scalance_w778-1_firmware:-:*:*:*:*:*:m12:*\",\"matchCriteriaId\":\"742D9262-4329-4F0A-B97E-5FC65786946F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:scalance_w778-1:-:*:*:*:*:*:m12:*\",\"matchCriteriaId\":\"A04D6C4A-C7DB-4757-8C34-BE6EB7D1BC50\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:scalance_w778-1_firmware:-:*:*:*:*:*:m12_eec:*\",\"matchCriteriaId\":\"FC14C45F-FDFB-4AAC-94EC-45860051379F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:scalance_w778-1:-:*:*:*:*:*:m12_eec:*\",\"matchCriteriaId\":\"C01E79D8-5F48-4939-BFD6-B363A76769D7\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:scalance_w786-1_firmware:-:*:*:*:*:*:rj45:*\",\"matchCriteriaId\":\"CEE50FA1-6616-402A-9D86-9725206612C6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:scalance_w786-1:-:*:*:*:*:*:rj45:*\",\"matchCriteriaId\":\"5B907930-CA5C-4160-A3D1-8ACB559C9143\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:scalance_w786-2_firmware:-:*:*:*:*:*:rj45:*\",\"matchCriteriaId\":\"9331282F-B426-40DC-869E-F6F7DFE959A8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:scalance_w786-2:-:*:*:*:*:*:rj45:*\",\"matchCriteriaId\":\"CAE6D7C0-9AA7-4EE7-B5A9-987BC549442E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:scalance_w786-2_firmware:-:*:*:*:*:*:sfp:*\",\"matchCriteriaId\":\"C67D4B91-66EB-490E-B43D-A7E159CC543B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:scalance_w786-2:-:*:*:*:*:*:sfp:*\",\"matchCriteriaId\":\"45A6A314-804B-47DC-B35E-804AD89588D8\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:scalance_w786-2ia_firmware:-:*:*:*:*:*:rj45:*\",\"matchCriteriaId\":\"236FBB62-ADAF-4316-BE4A-0F3ACE9B94FB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:scalance_w786-2ia:-:*:*:*:*:*:rj45:*\",\"matchCriteriaId\":\"968D60A4-036A-4792-BE8E-88F8B26444DD\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:scalance_w788-1_firmware:-:*:*:*:*:*:m12:*\",\"matchCriteriaId\":\"754B93BA-0451-4C09-A124-284A62189D53\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:scalance_w788-1:-:*:*:*:*:*:m12:*\",\"matchCriteriaId\":\"85293635-DD43-4651-8605-4F27F228AA91\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:scalance_w788-1_firmware:-:*:*:*:*:*:rj45:*\",\"matchCriteriaId\":\"826FB2F4-45B5-4360-B577-11F75A1B67A2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:scalance_w788-1:-:*:*:*:*:*:rj45:*\",\"matchCriteriaId\":\"F3417E19-D7FC-487D-B316-B826DB3CB712\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:scalance_w788-2_firmware:-:*:*:*:*:*:m12:*\",\"matchCriteriaId\":\"4B7AFF23-828B-4BB4-8A00-0E5C852C95C2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:scalance_w788-2:-:*:*:*:*:*:m12:*\",\"matchCriteriaId\":\"9A9E77DB-7B9D-40D0-8947-DFB1B2B7522C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:scalance_w788-2_firmware:-:*:*:*:*:*:m12_eec:*\",\"matchCriteriaId\":\"B66B6DB7-E48C-4758-915E-E4096CC5D68E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:scalance_w788-2:-:*:*:*:*:*:m12_eec:*\",\"matchCriteriaId\":\"69C3A33C-85E1-4157-81F7-39FA271CF8ED\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:scalance_w788-2_firmware:-:*:*:*:*:*:rj45:*\",\"matchCriteriaId\":\"E65FB9EC-A750-44C9-B251-5D8697C29EC2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:scalance_w788-2:-:*:*:*:*:*:rj45:*\",\"matchCriteriaId\":\"64BD7639-6E6B-4ED7-8AB9-393BC48F10F5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:scalance_wam763-1_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7948D988-3ED9-49BE-B820-15728DA93D21\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:scalance_wam763-1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1AAE316D-6BA6-4C3F-9EE1-E23E4CB6FD19\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:scalance_wam766-1_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B465A44-EC90-41C6-BD9B-59D3B7E49540\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:scalance_wam766-1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AA96B540-439B-4A1A-9D7D-C45AEFBC7BE6\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:scalance_wam766-1_firmware:-:*:*:*:*:*:eec:*\",\"matchCriteriaId\":\"3684DA7E-E49F-42A6-9DA2-FEF6DEDBE9B8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:scalance_wam766-1:-:*:*:*:*:*:eec:*\",\"matchCriteriaId\":\"43A34072-F6CC-4843-9FEF-E0ECA96BBAEA\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:scalance_wam766-1_6ghz_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5690A7D8-2B9F-4DBB-84A8-82B1A7C822B4\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:scalance_wam766-1_6ghz:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA329302-48FE-43FB-A15D-C3BEFB5AE868\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:scalance_wam766-1_6ghz_firmware:-:*:*:*:*:*:eec:*\",\"matchCriteriaId\":\"AA44AF5A-1AAD-4C68-8771-E14BA8ABFBA6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:scalance_wam766-1_6ghz:-:*:*:*:*:*:eec:*\",\"matchCriteriaId\":\"37055F7B-2F2A-4B80-AC34-CAB0568BC692\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:scalance_wum763-1_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"534CF2AE-2149-4599-AC43-13EE8048B3EE\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:scalance_wum763-1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C501445F-BDF6-4A0A-85FD-E6BFBF0A3C6F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:scalance_wum766-1_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E95E358-45E9-40EC-B3A3-D65C4BA42CE7\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:scalance_wum766-1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4EB15599-F795-4D24-A4A6-CD826F6A7A13\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:scalance_wum766-1_6ghz_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"441DF280-FC8C-481F-BDB9-7D757CF5BB72\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:scalance_wum766-1_6ghz:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FF8A9161-738C-4730-8EC9-6A5C5FDE279D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:arista:c-100_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11CE6C04-4994-463F-A456-1D47F2BD793A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arista:c-100:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"132AD177-3F7F-4CD7-9BD5-EE5A24CE671C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:arista:c-110_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA7E7D8A-CC58-47F6-9F3F-BE74F1CF27E8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arista:c-110:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4E82587-A7A1-4057-896A-F30B9DF7C831\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:arista:c-120_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"89F2DFE1-6E7B-42CC-9814-90F426D14490\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arista:c-120:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE3EC767-2ECA-44E4-AA03-9E2673A2B2F3\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:arista:c-130_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8197BD27-2AD7-434C-8F64-24B3D6D6E188\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arista:c-130:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"81C15C55-207E-4030-AC2A-B2E3791D92B0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:arista:c-200_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB011F08-5526-4D49-8100-A874CD265FB5\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arista:c-200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F81C550-CE6F-4E68-A088-5EC0CEF40600\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:arista:c-230_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1C3DCD8-9AD7-411B-95DC-B989EEC3E035\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arista:c-230:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"29B18F4E-4968-493A-BC90-5D8D7F619F39\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:arista:c-235_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6AAA44BE-54CE-498B-83EF-D21DF2A57A5E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arista:c-235:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"54878C0D-8842-490F-B556-76AF47A65891\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:arista:c-250_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2A71084-E505-4648-9B5C-C0305DCE91AF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arista:c-250:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE97F0AD-8658-476A-8E22-DA67A5FD9F73\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:arista:c-260_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"60A09137-CF46-420E-9792-BB6E46C5C415\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arista:c-260:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A006A8BD-D56E-40C2-ADD2-C11759153808\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:arista:c-65_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C890ABE-5D64-4D7F-A67B-BC026649E0B3\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arista:c-65:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B617EA3-E69E-43CA-99D4-86A408C55C90\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:arista:c-75_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD2A3CCF-E8B5-4E7F-BCE7-DB70E8E72B4B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arista:c-75:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8EE26D5A-486B-48F3-9C1C-4EE3FD8F0234\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:arista:o-105_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DF499EE6-0047-42C0-8360-6A2B3DF51B1B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arista:o-105:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7A31FF47-55EE-451B-ABDD-CE82E8EFBC98\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:arista:o-90_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0B9860B5-6CC7-4F29-9514-A469AF6B28F1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arista:o-90:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"41F9E4B2-63FC-4F53-9C12-7478B7B6AD48\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:arista:w-118_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0C9D810C-AA04-4748-80EB-3FB5DE507F89\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arista:w-118:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5BEE861E-2604-42BD-ABAA-DA729F4EBDBC\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:arista:w-68_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C1EF830-C210-48DB-A3F8-FC706AC5F3C7\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arista:w-68:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F03BB48-C89A-41F6-99DE-12FF95DCD9F2\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:1100_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F7999A6-03FE-4C38-9C46-B3221E7B3815\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:1100:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC042678-29AA-44F7-BBF0-1D752D25687D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:1100-4p_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"81634E2A-FAD5-4B1C-A93E-545870615343\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:1100-4p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AA8D5057-138A-42C4-BA35-8077A0A60068\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:1100-8p_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ECAB3869-E15B-4ED4-A98C-75DE0DBA8F3F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:1100-8p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED555B12-41F4-4D62-B519-22601FB7AF8D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:1101-4p_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"57F5F016-52B5-4A4C-9EE0-B478A98CEC9A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:1101-4p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"21B10158-5235-483E-BACD-C407609EA6BE\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:1109-2p_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B17C8544-CB4E-407B-BE52-4D42D81BF1BA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:1109-2p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8964F9BA-6E6C-44BF-9A8C-93D081B6678C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:1109-4p_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA214FF2-358E-4291-B803-58A9AC14ABEC\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:1109-4p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51251FE1-67D2-4903-B7D3-E0C727B9A93C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:aironet_1532_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"31FB34B4-235B-4C92-8E9C-DD04136C745F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:aironet_1532:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9CCECB59-4EA8-4FD4-81CB-329EBF7C080C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:aironet_1542d_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2051CA5B-967D-4830-87EB-1756559C1FED\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:aironet_1542d:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5DB7510-2741-464A-8FC9-8419985E330F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:aironet_1542i_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C72EC048-B84B-4744-BC04-BA8612C79D04\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:aironet_1542i:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3AE916B2-CAAD-4508-A47E-A7D4D88B077A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:aironet_1552_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB5DD78C-B89C-44AF-B153-033FEDE22CF8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:aironet_1552:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B54636F7-8061-49A1-923B-F976491593CB\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:aironet_1552h_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D795375C-E17C-4E05-8C88-F080C22652B2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:aironet_1552h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9BA6C6D9-9980-4EE7-9A7D-02D5D34DE878\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:aironet_1560_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA6EF369-8D83-4F5D-BDBE-99E89AD84810\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:aironet_1560:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8191FD87-4E55-4F38-8DB0-7E6772AD075B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:aironet_1562d_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10BD5327-F3F8-4D0A-B6DC-2F11DF2E6866\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:aironet_1562d:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D717945-EE41-4D0F-86EF-90826EBE9C3E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:aironet_1562e_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"893D104F-6711-46F9-804C-4B57562166E7\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:aironet_1562e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"99EAEA92-6589-4DFB-BC4B-8CBA425452D9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:aironet_1562i_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E4AABCC2-D2A5-4A89-9DF9-6F80EB871CC9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:aironet_1562i:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D27AB201-342D-4517-9E05-6088598F4695\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:aironet_1572_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"53106CD6-749D-4781-B28E-E075E61D1196\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:aironet_1572:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1FA8DA7-0D47-4C37-B96A-EBE004B0B23B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:aironet_1702_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C25445A6-4B1E-4F77-804D-FFD9507B022A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:aironet_1702:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"729FDD5F-C378-4DF1-B6CB-A1F62FD4550D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:aironet_1800_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"54BDAFC3-940F-40C4-896E-99B6DABA9E3F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:aironet_1800:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"02F4C00A-D1E2-4B21-A14E-F30B4B818493\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:aironet_1800i_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F9FC7CCB-52D2-4B4D-82AA-759C80E17018\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:aironet_1800i:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BC836B4D-A489-4300-B0A2-EF0B6E01E623\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:aironet_1810_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB94F02B-C71A-4EAE-B931-30CFA52A890C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:aironet_1810:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36F923CF-D4EB-48F8-821D-8BB3A69ABB62\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:aironet_1810w_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF011423-521A-41C4-A403-FF82C2C14874\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:aironet_1810w:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D613A17-FFA9-4FF0-9C2A-AF8ACD59B765\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:aironet_1815_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E076DDF4-6817-4CFD-B4A3-243D8D755DE3\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:aironet_1815:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8BF9DDB-884D-47B5-A295-8BFA5207C412\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:aironet_1815i_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"205E19BF-078D-475D-A9F0-4A1604A2D554\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:aironet_1815i:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"207DC80E-499C-4CA3-8A88-F027DBC64CCF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:aironet_1832_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"72A15C8E-73D8-480D-B5C9-E72E8D4695D0\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:aironet_1832:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"751469E2-91A8-48F1-81A8-AEBF1420EECE\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:aironet_1842_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BFAEDA4F-C728-4D60-8661-90429A264E40\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:aironet_1842:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"18035D1A-C8D9-4055-A5CA-541711DBA71A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:aironet_1852_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"883C24F0-99B3-42E0-AC27-6B4B3D4F5FA2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:aironet_1852:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80871D9C-43D5-4507-AC36-CDD7CC4A7C86\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:aironet_2702_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8CC13255-92FB-4585-B6EF-E4D94EB6158D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:aironet_2702:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1917B7F4-17DD-4734-A856-ED7CE9AF8DA7\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:aironet_2800_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DAD27F3F-961F-4F44-AD2D-CF9EAD04E2B5\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:aironet_2800:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C28A6B0-10FF-4C6D-8527-2313E163C98E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:aironet_2800e_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A796152-A567-4B7A-8202-94858CD95119\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:aironet_2800e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"098A82FF-95F7-416A-BADD-C57CE81ACD32\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:aironet_2800i_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED80079E-2744-4325-86DA-EA3647B45179\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:aironet_2800i:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD1D5813-9223-4B3F-9DE2-F3EF854FC927\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:aironet_3702_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B836136-CCD2-49AC-9871-1C3B6255EDA7\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:aironet_3702:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F72DB8D-9A3F-436A-AE5D-AC8941ED527E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:aironet_3800_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EFFE3575-DDAF-433E-8D77-4CCADADC99B9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:aironet_3800:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7636F7E2-E386-4F8C-A0C5-F510D8E21DA4\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:aironet_3800e_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4FD51123-ECF1-4042-AE1C-724FF4C51F43\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:aironet_3800e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10D7583E-2B61-40F1-B9A6-701DA08F8CDF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:aironet_3800i_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"34C47517-5F78-4D3C-818E-6DBFD1B56592\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:aironet_3800i:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"945DDBE7-6233-416B-9BEE-7029F047E298\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:aironet_3800p_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F103B67B-89C9-465D-AF2E-3D24A8F5465D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:aironet_3800p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0ED89428-750C-4C26-B2A1-E3D63F8B3F44\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:aironet_4800_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5618CE7C-DF82-4849-AC79-A00B747883BE\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:aironet_4800:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4D8A4CB-5B80-4332-BCBC-DA18AD94D215\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:aironet_ap803_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"40F38C35-EFC2-4CF9-AD88-FADC42F0649D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:aironet_ap803:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5062B18F-F28C-4975-A5A3-45C0EC03F448\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:aironet_iw3702_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"338A22C8-5617-45C8-AB3E-5E45341DFE60\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:aironet_iw3702:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6214A82C-54A6-48FC-9714-742704BEF1D3\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:catalyst_9105_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68410865-70F5-4578-99E4-827DBE0207B1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9105:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F3CCCFE-88CC-4F7B-8958-79CA62516EA9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:catalyst_9105axi_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FF827E8-02BE-42C0-A0CE-B649601847E4\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9105axi:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"19F93DF4-67DB-4B30-AC22-60C67DF32DB2\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:catalyst_9105axw_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C9309C6-EC43-4EB9-BD7A-CBCC581AA58C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9105axw:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"59C77B06-3C22-4092-AAAB-DB099A0B16A6\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:catalyst_9115_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3EEB7E5B-AE32-455A-A351-368FB78E5276\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9115:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4081C532-3B10-4FBF-BB22-5BA17BC6FCF8\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:catalyst_9115_ap_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3EE86352-EEDB-4890-87B8-025EA970219B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9115_ap:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56A3430C-9AF7-4604-AD95-FCF2989E9EB0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:catalyst_9115axe_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C3DCF4E-081A-4375-A4A0-AAAD8F024114\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9115axe:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE4C56A6-E843-498A-A17B-D3D1B01E70E7\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:catalyst_9115axi_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B69CC2B-CD3A-4BEF-8FF1-9925E460B049\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9115axi:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F050F416-44C3-474C-9002-321A33F288D6\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:catalyst_9117_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06C11A3E-E431-4923-AEBA-25E3247F19C3\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9117:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FCE2220-E2E6-4A17-9F0A-2C927FAB4AA5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:catalyst_9117_ap_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E48E571-AE00-47E2-BABC-849A63DBDCF4\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9117_ap:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4AE36E2-E7E9-4E49-8BFF-615DACFC65C1\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:catalyst_9117axi_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9A46503-A8BD-4F95-BAB0-2DE5D689DD4F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9117axi:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7A699C5C-CD03-4263-952F-5074B470F20E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:catalyst_9120_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1EA2B34D-533C-4316-AD59-EA2FCF10B9F0\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9120:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A47C2D6F-8F90-4D74-AFE1-EAE954021F46\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:catalyst_9120_ap_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A8A6B51-5192-4B98-9D94-682290890074\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9120_ap:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C04889F8-3C2A-41AA-9DC9-5A4A4BBE60E7\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:catalyst_9120axe_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D07AB0E3-151D-4D80-A482-41E7A27AE068\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9120axe:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"46D41CFE-784B-40EE-9431-8097428E5892\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:catalyst_9120axi_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A99728C-9E6B-4249-BAAA-C080109EFC4A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9120axi:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D148A27-85B6-4883-96B5-343C8D32F23B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:catalyst_9120axp_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C73A651-932E-43CA-B40F-2F75510AEE36\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9120axp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"735CA950-672C-4787-8910-48AD07868FDE\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:catalyst_9124_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A71D9CA-91DF-48DD-AE3D-DED883666A75\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9124:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C11EF240-7599-4138-B7A7-17E4479F5B83\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:catalyst_9124axd_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FF43EC0A-AC28-408A-8375-11CE249217A1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9124axd:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E987C945-4D6D-4BE5-B6F0-784B7E821D11\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:catalyst_9124axi_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ABA19FD7-047B-43AA-9237-807AAA2E9F7D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9124axi:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B434C6D7-F583-4D2B-9275-38A5EC4ECC30\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:catalyst_9130_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"19D85A86-1D8B-4006-8BF7-4593B1D7EB70\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9130:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E1C8E35A-5A9B-4D56-A753-937D5CFB5B19\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:catalyst_9130_ap_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"166D74EA-8820-4C78-B43B-FCBC9779FCB7\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9130_ap:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"248A3FFC-C33C-4336-A37C-67B6046556E5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:catalyst_9130axe_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"67C380AE-C888-4AED-80D2-B9AF5EB9EC85\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9130axe:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4EC1F736-6240-4FA2-9FEC-D8798C9D287C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:catalyst_9130axi_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1AA48001-7F56-4155-B70D-5DC41D73DB38\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9130axi:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"169E5354-07EA-4639-AB4B-20D2B9DE784C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:catalyst_iw6300_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB09D94E-A6B2-496D-87A3-53CB9872FA69\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_iw6300:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C559D6F7-B432-4A2A-BE0E-9697CC412C70\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:catalyst_iw6300_ac_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE4AFA1C-5A9E-4DF4-B9C7-66EF918548C5\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_iw6300_ac:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"23153AA4-B169-4421-BFF8-873205FC9C21\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:catalyst_iw6300_dc_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BE3E846C-359B-4EF1-AD68-DE612C5697F4\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_iw6300_dc:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"67DC3B71-B64D-4C49-B089-B274FA34ECB6\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:catalyst_iw6300_dcw_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4CFE9F2D-407B-49CE-BB6C-80DC941A9371\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_iw6300_dcw:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4F857465-314F-4124-9835-8A269486D654\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:esw-6300-con-x-k9_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"90A743E4-1302-4DAB-9300-65D8F468C8F2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:esw-6300-con-x-k9:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED3625BC-9003-4E07-B4EA-EB44CADDD6B4\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:esw6300_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A3EBAC6D-93DB-4380-8B6E-61555A9C8A3C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:esw6300:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09051BC5-CFE7-43EF-975D-BF77724E8776\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ip_phone_6861_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD79F5E4-AA2D-40EB-9E59-2FEB4FD49ECD\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ip_phone_6861:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C05A7CA6-AD58-45D7-AF32-129E22855D8E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ip_phone_8821_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A138C033-0F4D-41F8-B0FF-CDE9261DA7D9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ip_phone_8821:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36C99E0B-0383-4CB3-B325-EC0F3D57D39D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ip_phone_8832_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2CDAD5D-3702-42EE-AE5A-A08842870EEA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ip_phone_8832:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A5EA5C6B-243B-419A-9C60-1CDBD039C1D8\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ip_phone_8861_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CC9DD95-DC0E-4A47-A0EB-32D551B323CD\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ip_phone_8861:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"090EE553-01D5-45F0-87A4-E1167F46EB77\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ip_phone_8865_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DAAAB671-8EBF-4D9C-9AA5-E3C306CDB931\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ip_phone_8865:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB99B9AB-64B5-4989-9579-A1BB5D2D87EF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ir829-2lte-ea-ak9_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB907B21-237D-4629-964C-408B5AD590E6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ir829-2lte-ea-ak9:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB62C534-29F8-48CA-9D45-42C49CE68577\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ir829-2lte-ea-bk9_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2F956BF-E845-43FF-87A8-EA62DDFB1228\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ir829-2lte-ea-bk9:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B670C5A3-4E19-428F-87D0-C2B12EE2CB92\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ir829-2lte-ea-ek9_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4541452E-32E8-451B-B8F3-1118ECCBAE50\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ir829-2lte-ea-ek9:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6BF5C3D3-833D-405B-8E1E-ED3BC29CD5E0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ir829gw-lte-ga-ck9_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5C512E9-F7A6-492E-BE4B-93858E34CCD9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ir829gw-lte-ga-ck9:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8D39174-298E-4C06-A289-B0C4585B2E99\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ir829gw-lte-ga-ek9_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B6041298-45A9-41CB-A644-55D5DC40B5D4\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ir829gw-lte-ga-ek9:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB259DDC-AB98-405E-A369-49A3B89F48F5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ir829gw-lte-ga-sk9_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A1385AA-FACE-4150-93E8-610A73F90CCB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ir829gw-lte-ga-sk9:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"99B57D05-6702-4026-9E36-0CBEC6BE8001\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ir829gw-lte-ga-zk9_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"715401BE-1E29-4260-9D10-245C6246BE94\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ir829gw-lte-ga-zk9:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC62F7A8-9D57-4703-A7DF-451C2CA75919\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ir829gw-lte-na-ak9_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC762476-57D4-40E8-BE70-2F6861F31EF7\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ir829gw-lte-na-ak9:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"78F497A3-8153-4524-9E8D-2CFDCF2ADCDE\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ir829gw-lte-vz-ak9_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"795A3C41-753D-4590-B71F-37E9DD7DD5D5\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ir829gw-lte-vz-ak9:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61BD4298-A8D5-4D7C-A9D9-694606042C12\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:meraki_gr10_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E9F6455-59CC-4A3B-AFDD-60B5DD1E9ECF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:meraki_gr10:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5EF406E2-A24B-4D94-B4F7-2186B1D82462\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:meraki_gr60_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC624300-4EBB-44B9-9D90-F411368FE60A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:meraki_gr60:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33B44092-CC37-4683-920D-8F84C60CCCEF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:meraki_mr12_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9005D484-CEF5-4B8D-86B0-6CB5860A157E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:meraki_mr12:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"03F4DBFC-42FC-44FD-9EDF-4C0C92053E4B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:meraki_mr20_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BE66B0F4-1211-40A4-BDB3-D8F6C74678AF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:meraki_mr20:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B1207B-C065-483D-8AB3-6B9CEC4D3C7C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:meraki_mr26_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06205774-F85A-42F8-B599-1A529BBFA68B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:meraki_mr26:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"60D19311-A114-455C-9011-004446C80E27\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:meraki_mr30h_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6C922D55-E2DC-4970-A381-30F95CEB038B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:meraki_mr30h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"602DA0AF-86EB-4A01-BDE3-43596DEC746A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:meraki_mr32_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B2718D7-1D20-40D5-9E43-7AE1AA7AFCCF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:meraki_mr32:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E011F146-3AB9-446D-ACFD-FE5B021735D3\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:meraki_mr33_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BFB4CE7A-6FC1-4171-A743-CD8BB14C9864\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:meraki_mr33:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"12E670DC-C4D2-4277-A4DD-222D60A7CDB1\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:meraki_mr34_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7449719-1071-41B8-BDE9-81ACFBEE5D0F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:meraki_mr34:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"814ADA42-72A9-48D6-B524-5F5BD76F3059\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:meraki_mr36_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25616833-BCF6-4611-A9AB-248F761C5603\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:meraki_mr36:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A66108F-5CED-4D41-8EE9-9479090B31DD\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:meraki_mr42_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92DD4610-420C-459B-9B05-85600EF466D5\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:meraki_mr42:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"18E7D194-AA15-43CD-9019-7B286F528773\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:meraki_mr42e_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"78B15252-5725-4B7B-8DBE-10251EB9C212\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:meraki_mr42e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FB4754D-3B94-42AA-A150-6BDFF42B3270\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:meraki_mr44_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63217CCA-1926-46AD-956E-702A94420D91\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:meraki_mr44:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07E495B6-CA7A-4F58-99A2-550F83E1E020\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:meraki_mr45_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B9BC8A2-451A-4BDE-B073-FF39DD9E5D90\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:meraki_mr45:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4F47740-D0F3-478B-AFC3-51EB3AED34A4\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:meraki_mr46_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7DC56150-D025-40A9-B350-8E95B62D236C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:meraki_mr46:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"27E9718F-E50B-412F-86D7-DA6F39056006\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:meraki_mr46e_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"914C5C0C-EACD-4A4C-83B2-26AA4EF283D5\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:meraki_mr46e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B6B83072-84F6-43A4-9CC1-32924AFCC737\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:meraki_mr52_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E1F09491-2234-4C86-A80C-445B48A9FE78\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:meraki_mr52:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5634D1AB-B64D-44D0-A431-FE52E879B4BD\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:meraki_mr53_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8998B44-D926-46F9-AF3F-02EEF99680A5\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:meraki_mr53:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"920CF4B6-9424-48DA-9622-FB0C0510E52F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:meraki_mr53e_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"746D2300-CA9A-4C09-9A2B-FCC9DAEC74EC\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:meraki_mr53e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3EC322AE-6731-41F3-9C59-8CF9622D997A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:meraki_mr55_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"79419F89-0F01-4FD7-9102-ABFAFF3F2424\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:meraki_mr55:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C0036877-C975-4AC7-B933-E5BC5E300B44\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:meraki_mr56_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC64210E-A2F8-42DC-AB94-2547A51F63C5\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:meraki_mr56:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E37474E5-76DE-4326-A5A8-D8900A8A2F62\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:meraki_mr62_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"089164E3-B852-43BA-8C2C-FEE1C267C58C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:meraki_mr62:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F8F3095-F280-44B0-8BC6-50221247ACE1\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:meraki_mr66_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"27DA3F64-514B-4DB7-A6B0-6A303F296DC7\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:meraki_mr66:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CBB99337-4422-46AB-9B79-A96CE207AC28\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:meraki_mr70_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD532656-21FE-4F82-846E-C8CB752B87F1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:meraki_mr70:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"37D7E013-920A-4C32-98C1-FBD7C450DD88\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:meraki_mr72_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E80D395-C853-41A3-8438-BF880C799A01\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:meraki_mr72:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68086DA9-AD50-41DC-B8B5-D9BB0512C6B6\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:meraki_mr74_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D8181BA-846A-4D83-9DB9-B915B9EFFD7C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:meraki_mr74:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"366ABABA-D9C5-4D46-9516-7262AA32D4CD\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:meraki_mr76_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B02C40A8-0294-4C3D-8AC9-8D56AF1D2B4E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:meraki_mr76:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D071FC26-097A-432B-8900-DA02D3116D29\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:meraki_mr84_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D4901FE-B1AE-4CAB-9D91-139737B6E832\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:meraki_mr84:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9543B910-A999-4CEF-B06A-3F1A46784BF0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:meraki_mr86_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC06358C-6F27-4A27-8553-CF138D4214CC\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:meraki_mr86:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A57AA24E-09E0-4EB6-9580-A68267767119\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:meraki_mx64w_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"15CD8683-DFB3-45E3-B6E2-92AFD846B0BA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:meraki_mx64w:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1038F5F-020D-41FD-9C3D-F2685F1EA916\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:meraki_mx65w_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"01AD96C5-1620-4339-94E7-343E1ADAAC4C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:meraki_mx65w:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"69A23113-F7E1-4587-A4FF-A4AAB446A69D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:meraki_mx67cw_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F910935-E534-462D-8045-71C58BDD7285\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:meraki_mx67cw:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E85585DA-C918-445B-9B44-B2B1A982A1F7\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:meraki_mx67w_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B2F5CB3-1AE0-4905-A28B-090FDA56622E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:meraki_mx67w:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2529662-8A54-4DFC-80E7-922CF22DE2F3\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:meraki_mx68cw_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39884334-73AF-4E98-B05A-20FFF82B5DF1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:meraki_mx68cw:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"18E682AA-05AD-483F-915F-A2B2C98233B7\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:meraki_mx68w_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85EF67F0-973F-4FD1-8077-CE68D2AB1149\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:meraki_mx68w:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"03F9C184-3811-4A26-846D-54ECE7CF939F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:meraki_z3_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"04CF5026-CC39-48FF-A8F0-8E31A425343E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:meraki_z3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB81CFD0-9558-47AB-96E4-CB21C1AA9159\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:meraki_z3c_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F97974E-3C2B-49DB-A0FA-B5FEE7C98B18\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:meraki_z3c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6646F004-E0E0-4316-A022-2793C28FBCCC\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:webex_board_55_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61A0EF95-7CC5-4EE2-A5D8-803195F63F49\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:webex_board_55:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6554B9F-CD89-49B4-B55A-510B1C881C4F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:webex_board_55s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68546316-D08D-4E0B-BDDE-BF6320B730EB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:webex_board_55s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D0EC6FF-44F6-4033-BDAF-A396C2635D3F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:webex_board_70_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85FDA9FB-BB79-4A60-B825-D68B3719BFE3\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:webex_board_70:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A85B502B-2F55-4CA5-9AAA-0CD5BBA45EB7\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:webex_board_70s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5565DF04-82F3-40C7-8E82-44A0DA72398B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:webex_board_70s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"15073B83-81ED-4E98-8521-1320F8120C3F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:webex_board_85s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CA125CA-2BF9-4F22-8F8B-DC2E09A19E51\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:webex_board_85s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"31842684-B05D-4E17-9229-EC6993E78612\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:webex_dx70_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"69224767-0E2B-4A85-A7F1-77C6B41668DE\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:webex_dx70:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5EEB693F-64A4-46CC-B7AB-8BC0AA84F9E1\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:webex_dx80_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"53BE3D06-730E-44E2-B3B0-ED29AB5D1BF1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:webex_dx80:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C17B385C-68D5-4FF5-AE40-6EDA46E3ACB7\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:webex_room_55_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"90095155-ABC0-43C9-896A-55A797EC2055\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:webex_room_55:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A983D4D-9E04-45CE-BE3C-9FCD0018837F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:webex_room_55_dual_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E5ABF29-B908-4A43-B3CC-9145721727A9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:webex_room_55_dual:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A36CB8A-C74F-46B4-BFCE-523488D33B93\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:webex_room_70_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA1BD59F-078D-45D2-AC39-C479A4C6E7CA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:webex_room_70:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD45F341-FAD8-4B10-B28C-8697E51C6B61\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:webex_room_70_dual_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB5631A8-0201-432E-9912-B99D44D757DB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:webex_room_70_dual:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6BB2955F-2C82-4668-8C0B-412BEFE0E09E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:webex_room_70_dual_g2_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A16E007C-A310-474D-8174-EC98FEDDCE76\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:webex_room_70_dual_g2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"40E028E3-2DEB-4015-9BB0-97413DE60A47\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:webex_room_70_single_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CCE92390-9835-4556-A439-5A6FE108A9AB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:webex_room_70_single:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B47AE71-CF1B-402B-BB60-645A856A632D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:webex_room_70_single_g2_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BEB8DBF7-428A-42D4-8D52-8FF1329D3A56\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:webex_room_70_single_g2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C05259D-1F6C-440C-BCF4-A87BCC2EEA81\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:webex_room_kit_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3610C3BC-6994-443F-BD27-0D11293C4079\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:webex_room_kit:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7AD5AD81-0976-483E-AA31-6D53A63A8D90\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:webex_room_kit_mini_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"31D7CC29-6916-4A75-86DE-0BC4FBA3A639\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:webex_room_kit_mini:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D320D1AC-EAA7-45FD-B932-FC9554934BC1\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:ac_8260_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"28B0DBF3-63BB-40EF-9D46-E32D074D73DA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:ac_8260:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5A8F30C-6BB7-4CC6-ADBE-1859DAF66C58\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:ac_8265_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E5ADC21-F308-4CAA-8E98-4E7FDC7EDAAC\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:ac_8265:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C08E2F3E-C4B5-4227-A88D-C50E209A12CF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:ac_9260_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2915178-6BB6-45EE-A19D-EDB5B78F2BE2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:ac_9260:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2795E42-D044-4D48-BCB2-61CC1A3471B1\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:ac_9560_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7154EAF0-2E61-4813-B443-C4556137EB4D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:ac_9560:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D382D4A1-C8FD-4B47-B2C4-145232EC8AC5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:killer_ac_1550_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D7262E71-08D0-4F5E-8445-1FA0E2243340\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:killer_ac_1550:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA05D5D2-F6C1-4FBB-B334-73F30F108562\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:killer_wi-fi_6_ax1650_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD2249BC-F119-471D-9D71-4690A65A1020\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:killer_wi-fi_6_ax1650:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E239C04-1D6B-4305-9340-BFEC3E54E19A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:killer_wi-fi_6e_ax1675_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1CA43945-7F16-4A50-9E25-D91EE4A270F1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:killer_wi-fi_6e_ax1675:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"35F09C95-25BD-440A-AD79-8510E54F8DD9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:proset_ac_3165_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"662CE728-C754-465B-A4AC-E63D5115EFC4\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:proset_ac_3165:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C527CEB1-3D59-4ACD-B67F-B3919AFCE54C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:proset_ac_3168_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"160C541B-2617-4199-914D-ECE3A0791397\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:proset_ac_3168:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA1FA4A0-728B-4DB1-BA3C-CA80ECBA8624\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:proset_ac_8260_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9C7F70F-207C-4D8C-8C3E-08C7772810F8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:proset_ac_8260:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB7638C7-6F12-4C10-8B6D-5F866950CA05\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:proset_ac_8265_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA4C0E13-8027-4375-AA26-764DAD7E3C9B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:proset_ac_8265:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3CDDDE40-5D30-49AF-91C0-9A4FA7741201\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:proset_ac_9260_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"30A4744B-DA96-4614-AA99-9198A6D4C442\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:proset_ac_9260:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09145915-AFD1-4D5D-8178-8571C43A0BA5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:proset_ac_9461_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63756272-F713-4249-91C2-F29A382C63A6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:proset_ac_9461:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1950BF4-323D-4A25-A645-3ED60ED6F3AC\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:proset_ac_9462_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8EFDF863-4FB2-4D21-8744-A82A7C0EAA76\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:proset_ac_9462:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"28157739-A073-4B01-B308-470841344A2F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:proset_ac_9560_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"42D55365-A759-4F72-B85D-5C13710F2AF6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:proset_ac_9560:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"52B5EF48-BA3E-470C-9C68-12CEF8EFF045\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:proset_wi-fi_6_ax200_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8531052-3602-4309-93A9-CA7020EF95F4\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:proset_wi-fi_6_ax200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB9FC918-AC9F-4C15-8404-1C2E8DC506A9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:proset_wi-fi_6_ax201_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB831D03-30CD-4218-9E69-13FC12115805\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:proset_wi-fi_6_ax201:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5A7944D-2BB4-47A9-A2F5-AB68A9FC8C70\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:proset_wi-fi_6e_ax210_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"049297F7-84C0-4AD0-8806-AA41AC02CEAE\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:proset_wi-fi_6e_ax210:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"77EADB2D-F10B-40A9-A938-A89EE0FEFF60\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:proset_wireless_7265_\\\\(rev_d\\\\)_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D2C67C7D-DA10-47A7-8407-5624981DFBE8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:proset_wireless_7265_\\\\(rev_d\\\\):-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2BFF8901-DEFF-4D08-8692-571682DE8582\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:wi-fi_6_ax200_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"55FD8273-3968-4A85-A4FF-00CCE3B89C25\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:wi-fi_6_ax200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D653F9C-5B2E-400F-8F50-BFE466F08F0E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:wi-fi_6_ax201_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2DF0C27-886C-48F8-83DA-85BE0F239DD3\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:wi-fi_6_ax201:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0433774-9479-4A01-B697-1379AEA223C9\"}]}]}],\"references\":[{\"url\":\"http://www.openwall.com/lists/oss-security/2021/05/11/12\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.fragattacks.com\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2021/05/11/12\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.fragattacks.com\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-019200.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\"},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-913875.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\"}]}}"
}
}
Title
Windows 10输入验证错误漏洞
Description
Microsoft Windows 10是美国微软(Microsoft)公司的一套个人电脑使用的操作系统。
Windows 10 driver 6.1316.1209版本存在安全漏洞。攻击者可以注入独立于网络配置的任意数据帧。
Severity
中
Patch Name
Windows 10输入验证错误漏洞的补丁
Patch Description
Microsoft Windows 10是美国微软(Microsoft)公司的一套个人电脑使用的操作系统。
Windows 10 driver 6.1316.1209版本存在安全漏洞。攻击者可以注入独立于网络配置的任意数据帧。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
目前厂商已发布升级补丁以修复漏洞,补丁获取链接: https://www.wi-fi.org/security-update-fragmentation
Reference
https://nvd.nist.gov/vuln/detail/CVE-2020-26140
Impacted products
| Name | Microsoft Windows 10 driver 6.1316.1209 |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2020-26140"
}
},
"description": "Microsoft Windows 10\u662f\u7f8e\u56fd\u5fae\u8f6f\uff08Microsoft\uff09\u516c\u53f8\u7684\u4e00\u5957\u4e2a\u4eba\u7535\u8111\u4f7f\u7528\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002\n\nWindows 10 driver 6.1316.1209\u7248\u672c\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u4ee5\u6ce8\u5165\u72ec\u7acb\u4e8e\u7f51\u7edc\u914d\u7f6e\u7684\u4efb\u610f\u6570\u636e\u5e27\u3002",
"formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://www.wi-fi.org/security-update-fragmentation",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2021-34680",
"openTime": "2021-05-14",
"patchDescription": "Microsoft Windows 10\u662f\u7f8e\u56fd\u5fae\u8f6f\uff08Microsoft\uff09\u516c\u53f8\u7684\u4e00\u5957\u4e2a\u4eba\u7535\u8111\u4f7f\u7528\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\r\nWindows 10 driver 6.1316.1209\u7248\u672c\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u4ee5\u6ce8\u5165\u72ec\u7acb\u4e8e\u7f51\u7edc\u914d\u7f6e\u7684\u4efb\u610f\u6570\u636e\u5e27\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Windows 10\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": "Microsoft Windows 10 driver 6.1316.1209"
},
"referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2020-26140",
"serverity": "\u4e2d",
"submitTime": "2021-05-14",
"title": "Windows 10\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e"
}
FKIE_CVE-2020-26140
Vulnerability from fkie_nvd - Published: 2021-05-11 20:15 - Updated: 2026-04-14 09:16
Severity
Summary
An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:alfa:awus036h_firmware:6.1316.1209:*:*:*:*:windows_10:*:*",
"matchCriteriaId": "8A9FCD5B-54DD-4EF7-AB08-56EDE3B35E7B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:alfa:awus036h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF0F9200-8AFD-4100-AF39-49476298C0E3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_w1748-1_firmware:-:*:*:*:*:*:m12:*",
"matchCriteriaId": "68C08ECE-4D09-4E57-920B-B8E94E81603A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_w1748-1:-:*:*:*:*:*:m12:*",
"matchCriteriaId": "83B4B8A7-6CAE-43F7-8DCF-0129392E41A4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_w1750d_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D412FC9-835A-4FAB-81B0-4FFB8F48ACA3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_w1750d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FBC30055-239F-4BB1-B2D1-E5E35F0D8911",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_w1788-1_firmware:-:*:*:*:*:*:m12:*",
"matchCriteriaId": "F5154A83-2499-4756-9150-8BFD9ACEF583",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_w1788-1:-:*:*:*:*:*:m12:*",
"matchCriteriaId": "7CC235C6-63B1-4085-B9AA-47EFB17A144D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_w1788-2_firmware:-:*:*:*:*:*:eec_m12:*",
"matchCriteriaId": "8396EACC-A0FA-4A4A-8411-8D9ED40B7F28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_w1788-2:-:*:*:*:*:*:eec_m12:*",
"matchCriteriaId": "54C41A49-87FA-4C98-8321-2808712B2F68",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_w1788-2_firmware:-:*:*:*:*:*:m12:*",
"matchCriteriaId": "F8ED25D1-973F-481A-8550-16508F73D2D2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_w1788-2:-:*:*:*:*:*:m12:*",
"matchCriteriaId": "35918620-E4C5-4E46-A5A9-63009333667A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_w1788-2ia_firmware:-:*:*:*:*:*:m12:*",
"matchCriteriaId": "27440732-54F0-40DF-9896-88D60ABC568A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_w1788-2ia:-:*:*:*:*:*:m12:*",
"matchCriteriaId": "FC39A276-532B-428A-83BA-141B626281A5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_w721-1_firmware:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "93103556-6C4A-4D35-91D1-5CDCDC740655",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_w721-1:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "5DEFC044-1D95-4386-AABB-ADE1099E3F85",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_w722-1_firmware:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "42759A0F-70C6-41DB-9DF9-2BC05685F678",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_w722-1:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "95662406-0D7D-45B2-95F5-582FA275AC89",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_w734-1_firmware:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "A0E9FB66-F577-4744-B51F-3BD25293109F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_w734-1:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "079DA749-0B94-4CCF-A3B1-7669DA213B52",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_w738-1_firmware:-:*:*:*:*:*:m12:*",
"matchCriteriaId": "05D1BC5E-C26E-4E3D-B0DF-014C7DE16F4A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_w738-1:-:*:*:*:*:*:m12:*",
"matchCriteriaId": "D96A05C3-1549-47DD-BADA-7872246EBDA0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_w748-1_firmware:-:*:*:*:*:*:m12:*",
"matchCriteriaId": "2E7375AB-BE32-4879-BB54-CF5EDAB98188",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_w748-1:-:*:*:*:*:*:m12:*",
"matchCriteriaId": "0E9E26B8-1539-4E21-AEAA-45095F79382A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_w748-1_firmware:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "8BD6E779-AFE3-48C3-95B7-E7BED14BAE0B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_w748-1:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "5AA05DFB-5C02-4822-8D32-406C11ABFFC2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_w761-1_firmware:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "0F01F2C2-E968-45EE-BA91-39AEEFC0345C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_w761-1:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "19C73CA1-2F92-4635-8D38-812D6D8ACD89",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_w774-1_firmware:-:*:*:*:*:*:m12_eec:*",
"matchCriteriaId": "EA17907A-388A-42E7-ACC6-2F59C72C93F8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_w774-1:-:*:*:*:*:*:m12_eec:*",
"matchCriteriaId": "A53A71EB-C346-42CD-AD58-F83F809D0CA9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_w774-1_firmware:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "F801DE5A-781D-4DDA-9BD3-A9F3A4501D34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_w774-1:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "90E87633-CD6E-439B-9CE8-66A1E414F09D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_w778-1_firmware:-:*:*:*:*:*:m12:*",
"matchCriteriaId": "742D9262-4329-4F0A-B97E-5FC65786946F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_w778-1:-:*:*:*:*:*:m12:*",
"matchCriteriaId": "A04D6C4A-C7DB-4757-8C34-BE6EB7D1BC50",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_w778-1_firmware:-:*:*:*:*:*:m12_eec:*",
"matchCriteriaId": "FC14C45F-FDFB-4AAC-94EC-45860051379F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_w778-1:-:*:*:*:*:*:m12_eec:*",
"matchCriteriaId": "C01E79D8-5F48-4939-BFD6-B363A76769D7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_w786-1_firmware:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "CEE50FA1-6616-402A-9D86-9725206612C6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_w786-1:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "5B907930-CA5C-4160-A3D1-8ACB559C9143",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_w786-2_firmware:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "9331282F-B426-40DC-869E-F6F7DFE959A8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_w786-2:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "CAE6D7C0-9AA7-4EE7-B5A9-987BC549442E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_w786-2_firmware:-:*:*:*:*:*:sfp:*",
"matchCriteriaId": "C67D4B91-66EB-490E-B43D-A7E159CC543B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_w786-2:-:*:*:*:*:*:sfp:*",
"matchCriteriaId": "45A6A314-804B-47DC-B35E-804AD89588D8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_w786-2ia_firmware:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "236FBB62-ADAF-4316-BE4A-0F3ACE9B94FB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_w786-2ia:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "968D60A4-036A-4792-BE8E-88F8B26444DD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_w788-1_firmware:-:*:*:*:*:*:m12:*",
"matchCriteriaId": "754B93BA-0451-4C09-A124-284A62189D53",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_w788-1:-:*:*:*:*:*:m12:*",
"matchCriteriaId": "85293635-DD43-4651-8605-4F27F228AA91",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_w788-1_firmware:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "826FB2F4-45B5-4360-B577-11F75A1B67A2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_w788-1:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "F3417E19-D7FC-487D-B316-B826DB3CB712",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_w788-2_firmware:-:*:*:*:*:*:m12:*",
"matchCriteriaId": "4B7AFF23-828B-4BB4-8A00-0E5C852C95C2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_w788-2:-:*:*:*:*:*:m12:*",
"matchCriteriaId": "9A9E77DB-7B9D-40D0-8947-DFB1B2B7522C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_w788-2_firmware:-:*:*:*:*:*:m12_eec:*",
"matchCriteriaId": "B66B6DB7-E48C-4758-915E-E4096CC5D68E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_w788-2:-:*:*:*:*:*:m12_eec:*",
"matchCriteriaId": "69C3A33C-85E1-4157-81F7-39FA271CF8ED",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_w788-2_firmware:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "E65FB9EC-A750-44C9-B251-5D8697C29EC2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_w788-2:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "64BD7639-6E6B-4ED7-8AB9-393BC48F10F5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_wam763-1_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7948D988-3ED9-49BE-B820-15728DA93D21",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_wam763-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1AAE316D-6BA6-4C3F-9EE1-E23E4CB6FD19",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_wam766-1_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B465A44-EC90-41C6-BD9B-59D3B7E49540",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_wam766-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA96B540-439B-4A1A-9D7D-C45AEFBC7BE6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_wam766-1_firmware:-:*:*:*:*:*:eec:*",
"matchCriteriaId": "3684DA7E-E49F-42A6-9DA2-FEF6DEDBE9B8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_wam766-1:-:*:*:*:*:*:eec:*",
"matchCriteriaId": "43A34072-F6CC-4843-9FEF-E0ECA96BBAEA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_wam766-1_6ghz_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5690A7D8-2B9F-4DBB-84A8-82B1A7C822B4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_wam766-1_6ghz:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA329302-48FE-43FB-A15D-C3BEFB5AE868",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_wam766-1_6ghz_firmware:-:*:*:*:*:*:eec:*",
"matchCriteriaId": "AA44AF5A-1AAD-4C68-8771-E14BA8ABFBA6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_wam766-1_6ghz:-:*:*:*:*:*:eec:*",
"matchCriteriaId": "37055F7B-2F2A-4B80-AC34-CAB0568BC692",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_wum763-1_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "534CF2AE-2149-4599-AC43-13EE8048B3EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_wum763-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C501445F-BDF6-4A0A-85FD-E6BFBF0A3C6F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_wum766-1_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6E95E358-45E9-40EC-B3A3-D65C4BA42CE7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_wum766-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4EB15599-F795-4D24-A4A6-CD826F6A7A13",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_wum766-1_6ghz_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "441DF280-FC8C-481F-BDB9-7D757CF5BB72",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_wum766-1_6ghz:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF8A9161-738C-4730-8EC9-6A5C5FDE279D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arista:c-100_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11CE6C04-4994-463F-A456-1D47F2BD793A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arista:c-100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "132AD177-3F7F-4CD7-9BD5-EE5A24CE671C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arista:c-110_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA7E7D8A-CC58-47F6-9F3F-BE74F1CF27E8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arista:c-110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4E82587-A7A1-4057-896A-F30B9DF7C831",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arista:c-120_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89F2DFE1-6E7B-42CC-9814-90F426D14490",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arista:c-120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE3EC767-2ECA-44E4-AA03-9E2673A2B2F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arista:c-130_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8197BD27-2AD7-434C-8F64-24B3D6D6E188",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arista:c-130:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81C15C55-207E-4030-AC2A-B2E3791D92B0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arista:c-200_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB011F08-5526-4D49-8100-A874CD265FB5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arista:c-200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F81C550-CE6F-4E68-A088-5EC0CEF40600",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arista:c-230_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1C3DCD8-9AD7-411B-95DC-B989EEC3E035",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arista:c-230:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29B18F4E-4968-493A-BC90-5D8D7F619F39",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arista:c-235_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6AAA44BE-54CE-498B-83EF-D21DF2A57A5E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arista:c-235:-:*:*:*:*:*:*:*",
"matchCriteriaId": "54878C0D-8842-490F-B556-76AF47A65891",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arista:c-250_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2A71084-E505-4648-9B5C-C0305DCE91AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arista:c-250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE97F0AD-8658-476A-8E22-DA67A5FD9F73",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arista:c-260_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60A09137-CF46-420E-9792-BB6E46C5C415",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arista:c-260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A006A8BD-D56E-40C2-ADD2-C11759153808",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arista:c-65_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C890ABE-5D64-4D7F-A67B-BC026649E0B3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arista:c-65:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B617EA3-E69E-43CA-99D4-86A408C55C90",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arista:c-75_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD2A3CCF-E8B5-4E7F-BCE7-DB70E8E72B4B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arista:c-75:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EE26D5A-486B-48F3-9C1C-4EE3FD8F0234",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arista:o-105_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DF499EE6-0047-42C0-8360-6A2B3DF51B1B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arista:o-105:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A31FF47-55EE-451B-ABDD-CE82E8EFBC98",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arista:o-90_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B9860B5-6CC7-4F29-9514-A469AF6B28F1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arista:o-90:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41F9E4B2-63FC-4F53-9C12-7478B7B6AD48",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arista:w-118_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0C9D810C-AA04-4748-80EB-3FB5DE507F89",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arista:w-118:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5BEE861E-2604-42BD-ABAA-DA729F4EBDBC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arista:w-68_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1C1EF830-C210-48DB-A3F8-FC706AC5F3C7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arista:w-68:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F03BB48-C89A-41F6-99DE-12FF95DCD9F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:1100_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7999A6-03FE-4C38-9C46-B3221E7B3815",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:1100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC042678-29AA-44F7-BBF0-1D752D25687D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:1100-4p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81634E2A-FAD5-4B1C-A93E-545870615343",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:1100-4p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA8D5057-138A-42C4-BA35-8077A0A60068",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:1100-8p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ECAB3869-E15B-4ED4-A98C-75DE0DBA8F3F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:1100-8p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED555B12-41F4-4D62-B519-22601FB7AF8D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:1101-4p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57F5F016-52B5-4A4C-9EE0-B478A98CEC9A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:1101-4p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B10158-5235-483E-BACD-C407609EA6BE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:1109-2p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B17C8544-CB4E-407B-BE52-4D42D81BF1BA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:1109-2p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8964F9BA-6E6C-44BF-9A8C-93D081B6678C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:1109-4p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA214FF2-358E-4291-B803-58A9AC14ABEC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:1109-4p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51251FE1-67D2-4903-B7D3-E0C727B9A93C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_1532_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31FB34B4-235B-4C92-8E9C-DD04136C745F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1532:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CCECB59-4EA8-4FD4-81CB-329EBF7C080C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_1542d_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2051CA5B-967D-4830-87EB-1756559C1FED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1542d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C5DB7510-2741-464A-8FC9-8419985E330F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_1542i_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C72EC048-B84B-4744-BC04-BA8612C79D04",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1542i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AE916B2-CAAD-4508-A47E-A7D4D88B077A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_1552_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB5DD78C-B89C-44AF-B153-033FEDE22CF8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1552:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B54636F7-8061-49A1-923B-F976491593CB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_1552h_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D795375C-E17C-4E05-8C88-F080C22652B2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1552h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9BA6C6D9-9980-4EE7-9A7D-02D5D34DE878",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_1560_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA6EF369-8D83-4F5D-BDBE-99E89AD84810",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1560:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8191FD87-4E55-4F38-8DB0-7E6772AD075B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_1562d_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10BD5327-F3F8-4D0A-B6DC-2F11DF2E6866",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1562d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D717945-EE41-4D0F-86EF-90826EBE9C3E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_1562e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "893D104F-6711-46F9-804C-4B57562166E7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1562e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "99EAEA92-6589-4DFB-BC4B-8CBA425452D9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_1562i_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4AABCC2-D2A5-4A89-9DF9-6F80EB871CC9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1562i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D27AB201-342D-4517-9E05-6088598F4695",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_1572_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "53106CD6-749D-4781-B28E-E075E61D1196",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1572:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FA8DA7-0D47-4C37-B96A-EBE004B0B23B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_1702_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C25445A6-4B1E-4F77-804D-FFD9507B022A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1702:-:*:*:*:*:*:*:*",
"matchCriteriaId": "729FDD5F-C378-4DF1-B6CB-A1F62FD4550D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_1800_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "54BDAFC3-940F-40C4-896E-99B6DABA9E3F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02F4C00A-D1E2-4B21-A14E-F30B4B818493",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_1800i_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F9FC7CCB-52D2-4B4D-82AA-759C80E17018",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1800i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC836B4D-A489-4300-B0A2-EF0B6E01E623",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_1810_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB94F02B-C71A-4EAE-B931-30CFA52A890C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1810:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36F923CF-D4EB-48F8-821D-8BB3A69ABB62",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_1810w_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF011423-521A-41C4-A403-FF82C2C14874",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1810w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D613A17-FFA9-4FF0-9C2A-AF8ACD59B765",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_1815_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E076DDF4-6817-4CFD-B4A3-243D8D755DE3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1815:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8BF9DDB-884D-47B5-A295-8BFA5207C412",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_1815i_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "205E19BF-078D-475D-A9F0-4A1604A2D554",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1815i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "207DC80E-499C-4CA3-8A88-F027DBC64CCF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_1832_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "72A15C8E-73D8-480D-B5C9-E72E8D4695D0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1832:-:*:*:*:*:*:*:*",
"matchCriteriaId": "751469E2-91A8-48F1-81A8-AEBF1420EECE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_1842_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BFAEDA4F-C728-4D60-8661-90429A264E40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1842:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18035D1A-C8D9-4055-A5CA-541711DBA71A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_1852_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "883C24F0-99B3-42E0-AC27-6B4B3D4F5FA2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1852:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80871D9C-43D5-4507-AC36-CDD7CC4A7C86",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_2702_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8CC13255-92FB-4585-B6EF-E4D94EB6158D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_2702:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1917B7F4-17DD-4734-A856-ED7CE9AF8DA7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_2800_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAD27F3F-961F-4F44-AD2D-CF9EAD04E2B5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_2800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C28A6B0-10FF-4C6D-8527-2313E163C98E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_2800e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4A796152-A567-4B7A-8202-94858CD95119",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_2800e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "098A82FF-95F7-416A-BADD-C57CE81ACD32",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_2800i_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED80079E-2744-4325-86DA-EA3647B45179",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_2800i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD1D5813-9223-4B3F-9DE2-F3EF854FC927",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_3702_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B836136-CCD2-49AC-9871-1C3B6255EDA7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_3702:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F72DB8D-9A3F-436A-AE5D-AC8941ED527E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_3800_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EFFE3575-DDAF-433E-8D77-4CCADADC99B9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_3800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7636F7E2-E386-4F8C-A0C5-F510D8E21DA4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_3800e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FD51123-ECF1-4042-AE1C-724FF4C51F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_3800e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10D7583E-2B61-40F1-B9A6-701DA08F8CDF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_3800i_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "34C47517-5F78-4D3C-818E-6DBFD1B56592",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_3800i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "945DDBE7-6233-416B-9BEE-7029F047E298",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_3800p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F103B67B-89C9-465D-AF2E-3D24A8F5465D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_3800p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0ED89428-750C-4C26-B2A1-E3D63F8B3F44",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_4800_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5618CE7C-DF82-4849-AC79-A00B747883BE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_4800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4D8A4CB-5B80-4332-BCBC-DA18AD94D215",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_ap803_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40F38C35-EFC2-4CF9-AD88-FADC42F0649D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_ap803:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5062B18F-F28C-4975-A5A3-45C0EC03F448",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_iw3702_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "338A22C8-5617-45C8-AB3E-5E45341DFE60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_iw3702:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6214A82C-54A6-48FC-9714-742704BEF1D3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9105_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68410865-70F5-4578-99E4-827DBE0207B1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9105:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F3CCCFE-88CC-4F7B-8958-79CA62516EA9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9105axi_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FF827E8-02BE-42C0-A0CE-B649601847E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9105axi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19F93DF4-67DB-4B30-AC22-60C67DF32DB2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9105axw_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C9309C6-EC43-4EB9-BD7A-CBCC581AA58C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9105axw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "59C77B06-3C22-4092-AAAB-DB099A0B16A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9115_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EEB7E5B-AE32-455A-A351-368FB78E5276",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9115:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4081C532-3B10-4FBF-BB22-5BA17BC6FCF8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9115_ap_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EE86352-EEDB-4890-87B8-025EA970219B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9115_ap:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56A3430C-9AF7-4604-AD95-FCF2989E9EB0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9115axe_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C3DCF4E-081A-4375-A4A0-AAAD8F024114",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9115axe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE4C56A6-E843-498A-A17B-D3D1B01E70E7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9115axi_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B69CC2B-CD3A-4BEF-8FF1-9925E460B049",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9115axi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F050F416-44C3-474C-9002-321A33F288D6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9117_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06C11A3E-E431-4923-AEBA-25E3247F19C3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9117:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FCE2220-E2E6-4A17-9F0A-2C927FAB4AA5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9117_ap_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6E48E571-AE00-47E2-BABC-849A63DBDCF4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9117_ap:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4AE36E2-E7E9-4E49-8BFF-615DACFC65C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9117axi_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B9A46503-A8BD-4F95-BAB0-2DE5D689DD4F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9117axi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A699C5C-CD03-4263-952F-5074B470F20E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9120_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1EA2B34D-533C-4316-AD59-EA2FCF10B9F0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A47C2D6F-8F90-4D74-AFE1-EAE954021F46",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9120_ap_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A8A6B51-5192-4B98-9D94-682290890074",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9120_ap:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C04889F8-3C2A-41AA-9DC9-5A4A4BBE60E7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9120axe_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D07AB0E3-151D-4D80-A482-41E7A27AE068",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9120axe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46D41CFE-784B-40EE-9431-8097428E5892",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9120axi_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0A99728C-9E6B-4249-BAAA-C080109EFC4A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9120axi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D148A27-85B6-4883-96B5-343C8D32F23B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9120axp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C73A651-932E-43CA-B40F-2F75510AEE36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9120axp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "735CA950-672C-4787-8910-48AD07868FDE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9124_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A71D9CA-91DF-48DD-AE3D-DED883666A75",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9124:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C11EF240-7599-4138-B7A7-17E4479F5B83",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9124axd_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF43EC0A-AC28-408A-8375-11CE249217A1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9124axd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E987C945-4D6D-4BE5-B6F0-784B7E821D11",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9124axi_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABA19FD7-047B-43AA-9237-807AAA2E9F7D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9124axi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B434C6D7-F583-4D2B-9275-38A5EC4ECC30",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9130_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19D85A86-1D8B-4006-8BF7-4593B1D7EB70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9130:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1C8E35A-5A9B-4D56-A753-937D5CFB5B19",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9130_ap_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "166D74EA-8820-4C78-B43B-FCBC9779FCB7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9130_ap:-:*:*:*:*:*:*:*",
"matchCriteriaId": "248A3FFC-C33C-4336-A37C-67B6046556E5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9130axe_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67C380AE-C888-4AED-80D2-B9AF5EB9EC85",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9130axe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4EC1F736-6240-4FA2-9FEC-D8798C9D287C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9130axi_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1AA48001-7F56-4155-B70D-5DC41D73DB38",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9130axi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "169E5354-07EA-4639-AB4B-20D2B9DE784C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_iw6300_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB09D94E-A6B2-496D-87A3-53CB9872FA69",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_iw6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C559D6F7-B432-4A2A-BE0E-9697CC412C70",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_iw6300_ac_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE4AFA1C-5A9E-4DF4-B9C7-66EF918548C5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_iw6300_ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23153AA4-B169-4421-BFF8-873205FC9C21",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_iw6300_dc_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE3E846C-359B-4EF1-AD68-DE612C5697F4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_iw6300_dc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67DC3B71-B64D-4C49-B089-B274FA34ECB6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_iw6300_dcw_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4CFE9F2D-407B-49CE-BB6C-80DC941A9371",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_iw6300_dcw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F857465-314F-4124-9835-8A269486D654",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:esw-6300-con-x-k9_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90A743E4-1302-4DAB-9300-65D8F468C8F2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:esw-6300-con-x-k9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED3625BC-9003-4E07-B4EA-EB44CADDD6B4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:esw6300_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A3EBAC6D-93DB-4380-8B6E-61555A9C8A3C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:esw6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09051BC5-CFE7-43EF-975D-BF77724E8776",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_6861_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD79F5E4-AA2D-40EB-9E59-2FEB4FD49ECD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_6861:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C05A7CA6-AD58-45D7-AF32-129E22855D8E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8821_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A138C033-0F4D-41F8-B0FF-CDE9261DA7D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8821:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36C99E0B-0383-4CB3-B325-EC0F3D57D39D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8832_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2CDAD5D-3702-42EE-AE5A-A08842870EEA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8832:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A5EA5C6B-243B-419A-9C60-1CDBD039C1D8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8861_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CC9DD95-DC0E-4A47-A0EB-32D551B323CD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8861:-:*:*:*:*:*:*:*",
"matchCriteriaId": "090EE553-01D5-45F0-87A4-E1167F46EB77",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8865_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAAAB671-8EBF-4D9C-9AA5-E3C306CDB931",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8865:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB99B9AB-64B5-4989-9579-A1BB5D2D87EF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ir829-2lte-ea-ak9_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB907B21-237D-4629-964C-408B5AD590E6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ir829-2lte-ea-ak9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB62C534-29F8-48CA-9D45-42C49CE68577",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ir829-2lte-ea-bk9_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E2F956BF-E845-43FF-87A8-EA62DDFB1228",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ir829-2lte-ea-bk9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B670C5A3-4E19-428F-87D0-C2B12EE2CB92",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ir829-2lte-ea-ek9_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4541452E-32E8-451B-B8F3-1118ECCBAE50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ir829-2lte-ea-ek9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6BF5C3D3-833D-405B-8E1E-ED3BC29CD5E0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ir829gw-lte-ga-ck9_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5C512E9-F7A6-492E-BE4B-93858E34CCD9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ir829gw-lte-ga-ck9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8D39174-298E-4C06-A289-B0C4585B2E99",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ir829gw-lte-ga-ek9_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B6041298-45A9-41CB-A644-55D5DC40B5D4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ir829gw-lte-ga-ek9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB259DDC-AB98-405E-A369-49A3B89F48F5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ir829gw-lte-ga-sk9_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A1385AA-FACE-4150-93E8-610A73F90CCB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ir829gw-lte-ga-sk9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "99B57D05-6702-4026-9E36-0CBEC6BE8001",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ir829gw-lte-ga-zk9_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "715401BE-1E29-4260-9D10-245C6246BE94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ir829gw-lte-ga-zk9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC62F7A8-9D57-4703-A7DF-451C2CA75919",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ir829gw-lte-na-ak9_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC762476-57D4-40E8-BE70-2F6861F31EF7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ir829gw-lte-na-ak9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78F497A3-8153-4524-9E8D-2CFDCF2ADCDE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ir829gw-lte-vz-ak9_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "795A3C41-753D-4590-B71F-37E9DD7DD5D5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ir829gw-lte-vz-ak9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "61BD4298-A8D5-4D7C-A9D9-694606042C12",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_gr10_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E9F6455-59CC-4A3B-AFDD-60B5DD1E9ECF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_gr10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5EF406E2-A24B-4D94-B4F7-2186B1D82462",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_gr60_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC624300-4EBB-44B9-9D90-F411368FE60A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_gr60:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33B44092-CC37-4683-920D-8F84C60CCCEF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr12_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9005D484-CEF5-4B8D-86B0-6CB5860A157E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr12:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03F4DBFC-42FC-44FD-9EDF-4C0C92053E4B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr20_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE66B0F4-1211-40A4-BDB3-D8F6C74678AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07B1207B-C065-483D-8AB3-6B9CEC4D3C7C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr26_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06205774-F85A-42F8-B599-1A529BBFA68B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr26:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60D19311-A114-455C-9011-004446C80E27",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr30h_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C922D55-E2DC-4970-A381-30F95CEB038B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr30h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "602DA0AF-86EB-4A01-BDE3-43596DEC746A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr32_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B2718D7-1D20-40D5-9E43-7AE1AA7AFCCF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr32:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E011F146-3AB9-446D-ACFD-FE5B021735D3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr33_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BFB4CE7A-6FC1-4171-A743-CD8BB14C9864",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr33:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12E670DC-C4D2-4277-A4DD-222D60A7CDB1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr34_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7449719-1071-41B8-BDE9-81ACFBEE5D0F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr34:-:*:*:*:*:*:*:*",
"matchCriteriaId": "814ADA42-72A9-48D6-B524-5F5BD76F3059",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr36_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25616833-BCF6-4611-A9AB-248F761C5603",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr36:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A66108F-5CED-4D41-8EE9-9479090B31DD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr42_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "92DD4610-420C-459B-9B05-85600EF466D5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr42:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18E7D194-AA15-43CD-9019-7B286F528773",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr42e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78B15252-5725-4B7B-8DBE-10251EB9C212",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr42e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FB4754D-3B94-42AA-A150-6BDFF42B3270",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr44_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63217CCA-1926-46AD-956E-702A94420D91",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr44:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07E495B6-CA7A-4F58-99A2-550F83E1E020",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr45_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B9BC8A2-451A-4BDE-B073-FF39DD9E5D90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr45:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4F47740-D0F3-478B-AFC3-51EB3AED34A4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr46_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7DC56150-D025-40A9-B350-8E95B62D236C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr46:-:*:*:*:*:*:*:*",
"matchCriteriaId": "27E9718F-E50B-412F-86D7-DA6F39056006",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr46e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "914C5C0C-EACD-4A4C-83B2-26AA4EF283D5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr46e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B6B83072-84F6-43A4-9CC1-32924AFCC737",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr52_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1F09491-2234-4C86-A80C-445B48A9FE78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr52:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5634D1AB-B64D-44D0-A431-FE52E879B4BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr53_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8998B44-D926-46F9-AF3F-02EEF99680A5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr53:-:*:*:*:*:*:*:*",
"matchCriteriaId": "920CF4B6-9424-48DA-9622-FB0C0510E52F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr53e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "746D2300-CA9A-4C09-9A2B-FCC9DAEC74EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr53e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EC322AE-6731-41F3-9C59-8CF9622D997A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr55_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "79419F89-0F01-4FD7-9102-ABFAFF3F2424",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr55:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0036877-C975-4AC7-B933-E5BC5E300B44",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr56_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC64210E-A2F8-42DC-AB94-2547A51F63C5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr56:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E37474E5-76DE-4326-A5A8-D8900A8A2F62",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr62_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "089164E3-B852-43BA-8C2C-FEE1C267C58C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr62:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F8F3095-F280-44B0-8BC6-50221247ACE1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr66_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "27DA3F64-514B-4DB7-A6B0-6A303F296DC7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr66:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBB99337-4422-46AB-9B79-A96CE207AC28",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr70_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD532656-21FE-4F82-846E-C8CB752B87F1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr70:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37D7E013-920A-4C32-98C1-FBD7C450DD88",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr72_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E80D395-C853-41A3-8438-BF880C799A01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr72:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68086DA9-AD50-41DC-B8B5-D9BB0512C6B6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr74_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D8181BA-846A-4D83-9DB9-B915B9EFFD7C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr74:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366ABABA-D9C5-4D46-9516-7262AA32D4CD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr76_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B02C40A8-0294-4C3D-8AC9-8D56AF1D2B4E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr76:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D071FC26-097A-432B-8900-DA02D3116D29",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr84_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D4901FE-B1AE-4CAB-9D91-139737B6E832",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr84:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9543B910-A999-4CEF-B06A-3F1A46784BF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr86_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC06358C-6F27-4A27-8553-CF138D4214CC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr86:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A57AA24E-09E0-4EB6-9580-A68267767119",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mx64w_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15CD8683-DFB3-45E3-B6E2-92AFD846B0BA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mx64w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1038F5F-020D-41FD-9C3D-F2685F1EA916",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mx65w_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "01AD96C5-1620-4339-94E7-343E1ADAAC4C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mx65w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "69A23113-F7E1-4587-A4FF-A4AAB446A69D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mx67cw_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F910935-E534-462D-8045-71C58BDD7285",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mx67cw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E85585DA-C918-445B-9B44-B2B1A982A1F7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mx67w_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B2F5CB3-1AE0-4905-A28B-090FDA56622E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mx67w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2529662-8A54-4DFC-80E7-922CF22DE2F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mx68cw_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39884334-73AF-4E98-B05A-20FFF82B5DF1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mx68cw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18E682AA-05AD-483F-915F-A2B2C98233B7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mx68w_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85EF67F0-973F-4FD1-8077-CE68D2AB1149",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mx68w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03F9C184-3811-4A26-846D-54ECE7CF939F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_z3_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "04CF5026-CC39-48FF-A8F0-8E31A425343E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_z3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB81CFD0-9558-47AB-96E4-CB21C1AA9159",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_z3c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F97974E-3C2B-49DB-A0FA-B5FEE7C98B18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_z3c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6646F004-E0E0-4316-A022-2793C28FBCCC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:webex_board_55_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "61A0EF95-7CC5-4EE2-A5D8-803195F63F49",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:webex_board_55:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E6554B9F-CD89-49B4-B55A-510B1C881C4F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:webex_board_55s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68546316-D08D-4E0B-BDDE-BF6320B730EB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:webex_board_55s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D0EC6FF-44F6-4033-BDAF-A396C2635D3F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:webex_board_70_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85FDA9FB-BB79-4A60-B825-D68B3719BFE3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:webex_board_70:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A85B502B-2F55-4CA5-9AAA-0CD5BBA45EB7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:webex_board_70s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5565DF04-82F3-40C7-8E82-44A0DA72398B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:webex_board_70s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15073B83-81ED-4E98-8521-1320F8120C3F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:webex_board_85s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CA125CA-2BF9-4F22-8F8B-DC2E09A19E51",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:webex_board_85s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31842684-B05D-4E17-9229-EC6993E78612",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:webex_dx70_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "69224767-0E2B-4A85-A7F1-77C6B41668DE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:webex_dx70:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5EEB693F-64A4-46CC-B7AB-8BC0AA84F9E1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:webex_dx80_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "53BE3D06-730E-44E2-B3B0-ED29AB5D1BF1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:webex_dx80:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C17B385C-68D5-4FF5-AE40-6EDA46E3ACB7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:webex_room_55_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90095155-ABC0-43C9-896A-55A797EC2055",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:webex_room_55:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9A983D4D-9E04-45CE-BE3C-9FCD0018837F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:webex_room_55_dual_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E5ABF29-B908-4A43-B3CC-9145721727A9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:webex_room_55_dual:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9A36CB8A-C74F-46B4-BFCE-523488D33B93",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:webex_room_70_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA1BD59F-078D-45D2-AC39-C479A4C6E7CA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:webex_room_70:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD45F341-FAD8-4B10-B28C-8697E51C6B61",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:webex_room_70_dual_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB5631A8-0201-432E-9912-B99D44D757DB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:webex_room_70_dual:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6BB2955F-2C82-4668-8C0B-412BEFE0E09E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:webex_room_70_dual_g2_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A16E007C-A310-474D-8174-EC98FEDDCE76",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:webex_room_70_dual_g2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40E028E3-2DEB-4015-9BB0-97413DE60A47",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:webex_room_70_single_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCE92390-9835-4556-A439-5A6FE108A9AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:webex_room_70_single:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B47AE71-CF1B-402B-BB60-645A856A632D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:webex_room_70_single_g2_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BEB8DBF7-428A-42D4-8D52-8FF1329D3A56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:webex_room_70_single_g2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C05259D-1F6C-440C-BCF4-A87BCC2EEA81",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:webex_room_kit_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3610C3BC-6994-443F-BD27-0D11293C4079",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:webex_room_kit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7AD5AD81-0976-483E-AA31-6D53A63A8D90",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:webex_room_kit_mini_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31D7CC29-6916-4A75-86DE-0BC4FBA3A639",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:webex_room_kit_mini:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D320D1AC-EAA7-45FD-B932-FC9554934BC1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:ac_8260_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "28B0DBF3-63BB-40EF-9D46-E32D074D73DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:ac_8260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5A8F30C-6BB7-4CC6-ADBE-1859DAF66C58",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:ac_8265_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E5ADC21-F308-4CAA-8E98-4E7FDC7EDAAC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:ac_8265:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C08E2F3E-C4B5-4227-A88D-C50E209A12CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:ac_9260_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E2915178-6BB6-45EE-A19D-EDB5B78F2BE2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:ac_9260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C2795E42-D044-4D48-BCB2-61CC1A3471B1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:ac_9560_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7154EAF0-2E61-4813-B443-C4556137EB4D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:ac_9560:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D382D4A1-C8FD-4B47-B2C4-145232EC8AC5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:killer_ac_1550_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D7262E71-08D0-4F5E-8445-1FA0E2243340",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:killer_ac_1550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA05D5D2-F6C1-4FBB-B334-73F30F108562",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:killer_wi-fi_6_ax1650_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD2249BC-F119-471D-9D71-4690A65A1020",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:killer_wi-fi_6_ax1650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E239C04-1D6B-4305-9340-BFEC3E54E19A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:killer_wi-fi_6e_ax1675_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CA43945-7F16-4A50-9E25-D91EE4A270F1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:killer_wi-fi_6e_ax1675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "35F09C95-25BD-440A-AD79-8510E54F8DD9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:proset_ac_3165_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "662CE728-C754-465B-A4AC-E63D5115EFC4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:proset_ac_3165:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C527CEB1-3D59-4ACD-B67F-B3919AFCE54C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:proset_ac_3168_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "160C541B-2617-4199-914D-ECE3A0791397",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:proset_ac_3168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA1FA4A0-728B-4DB1-BA3C-CA80ECBA8624",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:proset_ac_8260_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B9C7F70F-207C-4D8C-8C3E-08C7772810F8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:proset_ac_8260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB7638C7-6F12-4C10-8B6D-5F866950CA05",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:proset_ac_8265_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA4C0E13-8027-4375-AA26-764DAD7E3C9B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:proset_ac_8265:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CDDDE40-5D30-49AF-91C0-9A4FA7741201",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:proset_ac_9260_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "30A4744B-DA96-4614-AA99-9198A6D4C442",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:proset_ac_9260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09145915-AFD1-4D5D-8178-8571C43A0BA5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:proset_ac_9461_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63756272-F713-4249-91C2-F29A382C63A6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:proset_ac_9461:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1950BF4-323D-4A25-A645-3ED60ED6F3AC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:proset_ac_9462_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EFDF863-4FB2-4D21-8744-A82A7C0EAA76",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:proset_ac_9462:-:*:*:*:*:*:*:*",
"matchCriteriaId": "28157739-A073-4B01-B308-470841344A2F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:proset_ac_9560_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42D55365-A759-4F72-B85D-5C13710F2AF6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:proset_ac_9560:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52B5EF48-BA3E-470C-9C68-12CEF8EFF045",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:proset_wi-fi_6_ax200_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8531052-3602-4309-93A9-CA7020EF95F4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:proset_wi-fi_6_ax200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB9FC918-AC9F-4C15-8404-1C2E8DC506A9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:proset_wi-fi_6_ax201_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB831D03-30CD-4218-9E69-13FC12115805",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:proset_wi-fi_6_ax201:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5A7944D-2BB4-47A9-A2F5-AB68A9FC8C70",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:proset_wi-fi_6e_ax210_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "049297F7-84C0-4AD0-8806-AA41AC02CEAE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:proset_wi-fi_6e_ax210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "77EADB2D-F10B-40A9-A938-A89EE0FEFF60",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:proset_wireless_7265_\\(rev_d\\)_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C67C7D-DA10-47A7-8407-5624981DFBE8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:proset_wireless_7265_\\(rev_d\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "2BFF8901-DEFF-4D08-8692-571682DE8582",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:wi-fi_6_ax200_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55FD8273-3968-4A85-A4FF-00CCE3B89C25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:wi-fi_6_ax200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D653F9C-5B2E-400F-8F50-BFE466F08F0E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:wi-fi_6_ax201_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2DF0C27-886C-48F8-83DA-85BE0F239DD3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:wi-fi_6_ax201:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0433774-9479-4A01-B697-1379AEA223C9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration."
},
{
"lang": "es",
"value": "Se detect\u00f3 un problema en el controlador ALFA de Windows 10 versi\u00f3n 6.1316.1209 para AWUS036H. Las implementaciones WEP, WPA, WPA2 y WPA3 aceptan tramas de texto plano en una red Wi-Fi protegida. Un adversario puede abusar de esto para inyectar tramas de datos arbitrarias independientes de la configuraci\u00f3n de la red"
}
],
"id": "CVE-2020-26140",
"lastModified": "2026-04-14T09:16:22.753",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-05-11T20:15:08.687",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.fragattacks.com"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.fragattacks.com"
},
{
"source": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-019200.html"
},
{
"source": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-913875.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-327"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-PX4F-Q3PW-J682
Vulnerability from github – Published: 2022-05-24 19:01 – Updated: 2026-04-14 09:30
VLAI
Details
An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.
Severity
6.5 (Medium)
{
"affected": [],
"aliases": [
"CVE-2020-26140"
],
"database_specific": {
"cwe_ids": [
"CWE-327",
"CWE-74"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-05-11T20:15:00Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.",
"id": "GHSA-px4f-q3pw-j682",
"modified": "2026-04-14T09:30:37Z",
"published": "2022-05-24T19:01:58Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-26140"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-019200.html"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-913875.html"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"
},
{
"type": "WEB",
"url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
},
{
"type": "WEB",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
},
{
"type": "WEB",
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
},
{
"type": "WEB",
"url": "https://www.fragattacks.com"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GSD-2020-26140
Vulnerability from gsd - Updated: 2023-12-13 01:22Details
An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2020-26140",
"description": "An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.",
"id": "GSD-2020-26140",
"references": [
"https://www.suse.com/security/cve/CVE-2020-26140.html",
"https://access.redhat.com/errata/RHSA-2021:4356",
"https://access.redhat.com/errata/RHSA-2021:4140",
"https://security.archlinux.org/CVE-2020-26140",
"https://linux.oracle.com/cve/CVE-2020-26140.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2020-26140"
],
"details": "An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.",
"id": "GSD-2020-26140",
"modified": "2023-12-13T01:22:08.557232Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-26140",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
},
{
"name": "https://www.fragattacks.com",
"refsource": "MISC",
"url": "https://www.fragattacks.com"
},
{
"name": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md",
"refsource": "MISC",
"url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
},
{
"name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"
},
{
"name": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63",
"refsource": "MISC",
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:alfa:awus036h_firmware:6.1316.1209:*:*:*:*:windows_10:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:alfa:awus036h:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_w1748-1_firmware:-:*:*:*:*:*:m12:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_w1748-1:-:*:*:*:*:*:m12:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_w1750d_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_w1750d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_w1788-1_firmware:-:*:*:*:*:*:m12:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_w1788-1:-:*:*:*:*:*:m12:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_w1788-2_firmware:-:*:*:*:*:*:eec_m12:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_w1788-2:-:*:*:*:*:*:eec_m12:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_w1788-2_firmware:-:*:*:*:*:*:m12:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_w1788-2:-:*:*:*:*:*:m12:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_w1788-2ia_firmware:-:*:*:*:*:*:m12:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_w1788-2ia:-:*:*:*:*:*:m12:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_w721-1_firmware:-:*:*:*:*:*:rj45:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_w721-1:-:*:*:*:*:*:rj45:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_w722-1_firmware:-:*:*:*:*:*:rj45:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_w722-1:-:*:*:*:*:*:rj45:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_w734-1_firmware:-:*:*:*:*:*:rj45:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_w734-1:-:*:*:*:*:*:rj45:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_w738-1_firmware:-:*:*:*:*:*:m12:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_w738-1:-:*:*:*:*:*:m12:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_w748-1_firmware:-:*:*:*:*:*:m12:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_w748-1:-:*:*:*:*:*:m12:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_w748-1_firmware:-:*:*:*:*:*:rj45:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_w748-1:-:*:*:*:*:*:rj45:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_w761-1_firmware:-:*:*:*:*:*:rj45:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_w761-1:-:*:*:*:*:*:rj45:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_w774-1_firmware:-:*:*:*:*:*:m12_eec:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_w774-1:-:*:*:*:*:*:m12_eec:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_w774-1_firmware:-:*:*:*:*:*:rj45:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_w774-1:-:*:*:*:*:*:rj45:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_w778-1_firmware:-:*:*:*:*:*:m12:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_w778-1:-:*:*:*:*:*:m12:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_w778-1_firmware:-:*:*:*:*:*:m12_eec:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_w778-1:-:*:*:*:*:*:m12_eec:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_w786-1_firmware:-:*:*:*:*:*:rj45:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_w786-1:-:*:*:*:*:*:rj45:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_w786-2_firmware:-:*:*:*:*:*:rj45:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_w786-2:-:*:*:*:*:*:rj45:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_w786-2_firmware:-:*:*:*:*:*:sfp:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_w786-2:-:*:*:*:*:*:sfp:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_w786-2ia_firmware:-:*:*:*:*:*:rj45:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_w786-2ia:-:*:*:*:*:*:rj45:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_w788-1_firmware:-:*:*:*:*:*:m12:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_w788-1:-:*:*:*:*:*:m12:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_w788-1_firmware:-:*:*:*:*:*:rj45:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_w788-1:-:*:*:*:*:*:rj45:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_w788-2_firmware:-:*:*:*:*:*:m12:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_w788-2:-:*:*:*:*:*:m12:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_w788-2_firmware:-:*:*:*:*:*:m12_eec:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_w788-2:-:*:*:*:*:*:m12_eec:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_w788-2_firmware:-:*:*:*:*:*:rj45:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_w788-2:-:*:*:*:*:*:rj45:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_wam763-1_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_wam763-1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_wam766-1_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_wam766-1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_wam766-1_firmware:-:*:*:*:*:*:eec:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_wam766-1:-:*:*:*:*:*:eec:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_wam766-1_6ghz_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_wam766-1_6ghz:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_wam766-1_6ghz_firmware:-:*:*:*:*:*:eec:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_wam766-1_6ghz:-:*:*:*:*:*:eec:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_wum763-1_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_wum763-1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_wum766-1_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_wum766-1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_wum766-1_6ghz_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_wum766-1_6ghz:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:arista:c-100_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:arista:c-100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:arista:c-110_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:arista:c-110:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:arista:c-120_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:arista:c-120:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:arista:c-130_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:arista:c-130:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:arista:c-200_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:arista:c-200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:arista:c-230_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:arista:c-230:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:arista:c-235_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:arista:c-235:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:arista:c-250_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:arista:c-250:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:arista:c-260_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:arista:c-260:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:arista:c-65_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:arista:c-65:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:arista:c-75_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:arista:c-75:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:arista:o-105_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:arista:o-105:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:arista:o-90_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:arista:o-90:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:arista:w-118_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:arista:w-118:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:arista:w-68_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:arista:w-68:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:1100_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:1100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:1100-4p_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:1100-4p:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:1100-8p_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:1100-8p:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:1101-4p_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:1101-4p:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:1109-2p_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:1109-2p:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:1109-4p_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:1109-4p:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:aironet_1532_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:aironet_1532:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:aironet_1542d_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:aironet_1542d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:aironet_1542i_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:aironet_1542i:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:aironet_1552_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:aironet_1552:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:aironet_1552h_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:aironet_1552h:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:aironet_1560_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:aironet_1560:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:aironet_1562d_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:aironet_1562d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:aironet_1562e_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:aironet_1562e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:aironet_1562i_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:aironet_1562i:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:aironet_1572_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:aironet_1572:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:aironet_1702_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:aironet_1702:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:aironet_1800_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:aironet_1800:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:aironet_1800i_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:aironet_1800i:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:aironet_1810_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:aironet_1810:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:aironet_1810w_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:aironet_1810w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:aironet_1815_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:aironet_1815:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:aironet_1815i_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:aironet_1815i:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:aironet_1832_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:aironet_1832:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:aironet_1842_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:aironet_1842:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:aironet_1852_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:aironet_1852:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:aironet_2702_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:aironet_2702:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:aironet_2800_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:aironet_2800:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:aironet_2800e_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:aironet_2800e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:aironet_2800i_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:aironet_2800i:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:aironet_3702_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:aironet_3702:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:aironet_3800_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:aironet_3800:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:aironet_3800e_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:aironet_3800e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:aironet_3800i_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:aironet_3800i:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:aironet_3800p_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:aironet_3800p:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:aironet_4800_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:aironet_4800:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:aironet_ap803_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:aironet_ap803:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:aironet_iw3702_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:aironet_iw3702:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:catalyst_9105_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_9105:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:catalyst_9105axi_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_9105axi:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:catalyst_9105axw_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_9105axw:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:catalyst_9115_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_9115:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:catalyst_9115_ap_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_9115_ap:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:catalyst_9115axe_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_9115axe:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:catalyst_9115axi_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_9115axi:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:catalyst_9117_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_9117:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:catalyst_9117_ap_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_9117_ap:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:catalyst_9117axi_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_9117axi:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:catalyst_9120_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_9120:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:catalyst_9120_ap_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_9120_ap:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:catalyst_9120axe_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_9120axe:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:catalyst_9120axi_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_9120axi:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:catalyst_9120axp_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_9120axp:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:catalyst_9124_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_9124:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:catalyst_9124axd_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_9124axd:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:catalyst_9124axi_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_9124axi:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:catalyst_9130_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_9130:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:catalyst_9130_ap_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_9130_ap:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:catalyst_9130axe_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_9130axe:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:catalyst_9130axi_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_9130axi:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:catalyst_iw6300_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_iw6300:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:catalyst_iw6300_ac_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_iw6300_ac:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:catalyst_iw6300_dc_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_iw6300_dc:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:catalyst_iw6300_dcw_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_iw6300_dcw:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:esw-6300-con-x-k9_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:esw-6300-con-x-k9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:esw6300_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:esw6300:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ip_phone_6861_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:ip_phone_6861:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ip_phone_8821_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:ip_phone_8821:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ip_phone_8832_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:ip_phone_8832:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ip_phone_8861_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:ip_phone_8861:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ip_phone_8865_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:ip_phone_8865:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ir829-2lte-ea-ak9_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:ir829-2lte-ea-ak9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ir829-2lte-ea-bk9_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:ir829-2lte-ea-bk9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ir829-2lte-ea-ek9_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:ir829-2lte-ea-ek9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ir829gw-lte-ga-ck9_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:ir829gw-lte-ga-ck9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ir829gw-lte-ga-ek9_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:ir829gw-lte-ga-ek9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ir829gw-lte-ga-sk9_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:ir829gw-lte-ga-sk9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ir829gw-lte-ga-zk9_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:ir829gw-lte-ga-zk9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ir829gw-lte-na-ak9_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:ir829gw-lte-na-ak9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ir829gw-lte-vz-ak9_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:ir829gw-lte-vz-ak9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_gr10_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_gr10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_gr60_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_gr60:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mr12_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mr12:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mr20_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mr20:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mr26_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mr26:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mr30h_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mr30h:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mr32_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mr32:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mr33_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mr33:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mr34_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mr34:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mr36_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mr36:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mr42_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mr42:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mr42e_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mr42e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mr44_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mr44:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mr45_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mr45:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mr46_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mr46:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mr46e_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mr46e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mr52_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mr52:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mr53_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mr53:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mr53e_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mr53e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mr55_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mr55:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mr56_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mr56:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mr62_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mr62:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mr66_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mr66:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mr70_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mr70:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mr72_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mr72:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mr74_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mr74:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mr76_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mr76:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mr84_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mr84:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mr86_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mr86:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mx64w_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mx64w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mx65w_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mx65w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mx67cw_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mx67cw:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mx67w_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mx67w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mx68cw_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mx68cw:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mx68w_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mx68w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_z3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_z3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_z3c_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_z3c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:webex_board_55_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:webex_board_55:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:webex_board_55s_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:webex_board_55s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:webex_board_70_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:webex_board_70:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:webex_board_70s_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:webex_board_70s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:webex_board_85s_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:webex_board_85s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:webex_dx70_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:webex_dx70:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:webex_dx80_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:webex_dx80:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:webex_room_55_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:webex_room_55:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:webex_room_55_dual_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:webex_room_55_dual:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:webex_room_70_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:webex_room_70:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:webex_room_70_dual_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:webex_room_70_dual:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:webex_room_70_dual_g2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:webex_room_70_dual_g2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:webex_room_70_single_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:webex_room_70_single:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:webex_room_70_single_g2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:webex_room_70_single_g2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:webex_room_kit_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:webex_room_kit:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:webex_room_kit_mini_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:webex_room_kit_mini:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:ac_8260_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:ac_8260:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:ac_8265_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:ac_8265:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:ac_9260_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:ac_9260:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:ac_9560_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:ac_9560:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:killer_ac_1550_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:killer_ac_1550:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:killer_wi-fi_6_ax1650_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:killer_wi-fi_6_ax1650:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:killer_wi-fi_6e_ax1675_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:killer_wi-fi_6e_ax1675:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:proset_ac_3165_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:proset_ac_3165:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:proset_ac_3168_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:proset_ac_3168:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:proset_ac_8260_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:proset_ac_8260:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:proset_ac_8265_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:proset_ac_8265:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:proset_ac_9260_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:proset_ac_9260:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:proset_ac_9461_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:proset_ac_9461:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:proset_ac_9462_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:proset_ac_9462:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:proset_ac_9560_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:proset_ac_9560:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:proset_wi-fi_6_ax200_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:proset_wi-fi_6_ax200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:proset_wi-fi_6_ax201_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:proset_wi-fi_6_ax201:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:proset_wi-fi_6e_ax210_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:proset_wi-fi_6e_ax210:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:proset_wireless_7265_\\(rev_d\\)_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:proset_wireless_7265_\\(rev_d\\):-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:wi-fi_6_ax200_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:wi-fi_6_ax200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:wi-fi_6_ax201_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:wi-fi_6_ax201:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-26140"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": []
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.fragattacks.com",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://www.fragattacks.com"
},
{
"name": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
},
{
"name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"
},
{
"name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
"refsource": "CISCO",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
},
{
"name": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
},
"lastModifiedDate": "2022-09-03T03:55Z",
"publishedDate": "2021-05-11T20:15Z"
}
}
}
ICSA-21-236-01
Vulnerability from csaf_cisa - Published: 2021-08-24 00:00 - Updated: 2021-08-24 00:00Summary
Hitachi ABB Power Grids TropOS
Notes
CISA Disclaimer: This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice: All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation: Successful exploitation of these vulnerabilities could allow an attacker to direct a client that is connected to a TropOS Wi-Fi access point to fake websites and extract sensitive data.
Critical infrastructure sectors: Critical Manufacturing, Energy
Countries/areas deployed: Worldwide
Company headquarters location: Switzerland
Recommended Practices: CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:
Recommended Practices: CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices: Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.
Exploitability: These vulnerabilities are not exploitable remotely. No known public exploits specifically target these vulnerabilities.
CWE-74
- Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
TropOS: Firmware Version 8.9.4.8 and prior
Hitachi Energy / TropOS
|
<= 8.9.4.8 |
Mitigation
fix
Vendor Fix
Mitigation
Mitigation
Mitigation
|
6.5 (Medium)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
TropOS: Firmware Version 8.9.4.8 and prior
Hitachi Energy / TropOS
|
<= 8.9.4.8 |
Mitigation
fix
Vendor Fix
Mitigation
Mitigation
Mitigation
|
7.5 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
TropOS: Firmware Version 8.9.4.8 and prior
Hitachi Energy / TropOS
|
<= 8.9.4.8 |
Mitigation
fix
Vendor Fix
Mitigation
Mitigation
Mitigation
|
5.4 (Medium)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
TropOS: Firmware Version 8.9.4.8 and prior
Hitachi Energy / TropOS
|
<= 8.9.4.8 |
Mitigation
fix
Vendor Fix
Mitigation
Mitigation
Mitigation
|
References
24 references
Acknowledgments
Hitachi ABB Power Grids
{
"document": {
"acknowledgments": [
{
"organization": "Hitachi ABB Power Grids",
"summary": "reporting these vulnerabilities to CISA"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "summary",
"text": "Successful exploitation of these vulnerabilities could allow an attacker to direct a client that is connected to a TropOS Wi-Fi access point to fake websites and extract sensitive data.",
"title": "Risk evaluation"
},
{
"category": "other",
"text": "Critical Manufacturing, Energy",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Switzerland",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "other",
"text": "These vulnerabilities are not exploitable remotely. No known public exploits specifically target these vulnerabilities.\n",
"title": "Exploitability"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-21-236-01 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2021/icsa-21-236-01.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-21-236-01 Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-21-236-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/ncas/tips/ST04-014"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/ics/tips/ICS-TIP-12-146-01B"
}
],
"title": "Hitachi ABB Power Grids TropOS",
"tracking": {
"current_release_date": "2021-08-24T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-21-236-01",
"initial_release_date": "2021-08-24T00:00:00.000000Z",
"revision_history": [
{
"date": "2021-08-24T00:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "ICSA-21-236-01 Hitachi ABB Power Grids TropOS"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 8.9.4.8",
"product": {
"name": "TropOS: Firmware Version 8.9.4.8 and prior",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "TropOS"
}
],
"category": "vendor",
"name": "Hitachi Energy"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-24586",
"cwe": {
"id": "CWE-74",
"name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "The 802.11 standard that underpins Wi-Fi protected access (WPA, WPA2, and WPA3) and wired equivalent privacy (WEP) does not require received fragments be cleared from memory after (re)connecting to a network. Under the right circumstances, when another device sends fragmented frames encrypted using WEP, CCMP, or GCMP, this vulnerability can be exploited to inject arbitrary network packets and/or exfiltrate user data.CVE-2020-24586 has been assigned to this vulnerability. A CVSS v3 base score of 3.5 has been calculated; the CVSS vector string is (AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-24586"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Hitachi ABB Power Grids recommends updating to firmware v8.9.4.9 or later, which resolves these vulnerabilities. For additional information on these vulnerabilities, including update instructions, please see the Hitachi ABB Power Grids security advisory.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107992A4463\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"category": "vendor_fix",
"details": "Disable the Wi-Fi access on any TropOS unit where local Wi-Fi access is not required. This is achieved by NOT enabling (or disabling) the local access SSID.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Where Wi-Fi access is required, wherever possible ensure physical access to the local area is restricted to approved staff only.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Use the Wi-Fi whitelist capability to restrict Wi-Fi access to only approved personnel.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As the FragAttacks vulnerability is targeted at an end-user device and generally involves redirection to fraudulent websites, the installation of comprehensive firewall capabilities on company end-user devices and servers will significantly reduce the likelihood of negative outcomes.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2020-24587",
"cwe": {
"id": "CWE-326",
"name": "Inadequate Encryption Strength"
},
"notes": [
{
"category": "summary",
"text": "The 802.11 standard that underpins Wi-Fi protected access (WPA, WPA2, and WPA3) and wired equivalent privacy (WEP) does not require all fragments of a frame are encrypted under the same key. An adversary could exploit this vulnerability to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed.CVE-2020-24587 has been assigned to this vulnerability. A CVSS v3 base score of 2.6 has been calculated; the CVSS vector string is (AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-24587"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Hitachi ABB Power Grids recommends updating to firmware v8.9.4.9 or later, which resolves these vulnerabilities. For additional information on these vulnerabilities, including update instructions, please see the Hitachi ABB Power Grids security advisory.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107992A4463\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"category": "vendor_fix",
"details": "Disable the Wi-Fi access on any TropOS unit where local Wi-Fi access is not required. This is achieved by NOT enabling (or disabling) the local access SSID.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Where Wi-Fi access is required, wherever possible ensure physical access to the local area is restricted to approved staff only.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Use the Wi-Fi whitelist capability to restrict Wi-Fi access to only approved personnel.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As the FragAttacks vulnerability is targeted at an end-user device and generally involves redirection to fraudulent websites, the installation of comprehensive firewall capabilities on company end-user devices and servers will significantly reduce the likelihood of negative outcomes.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.6,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2020-24588",
"cwe": {
"id": "CWE-306",
"name": "Missing Authentication for Critical Function"
},
"notes": [
{
"category": "summary",
"text": "The 802.11 standard that underpins Wi-Fi protected access (WPA, WPA2, and WPA3) and wired equivalent privacy (WEP) does not require the A-MSDU flag in the plaintext QoS header field be authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary could exploit this vulnerability to inject arbitrary network packets.CVE-2020-24588 has been assigned to this vulnerability. A CVSS v3 base score of 3.5 has been calculated; the CVSS vector string is (AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-24588"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Hitachi ABB Power Grids recommends updating to firmware v8.9.4.9 or later, which resolves these vulnerabilities. For additional information on these vulnerabilities, including update instructions, please see the Hitachi ABB Power Grids security advisory.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107992A4463\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"category": "vendor_fix",
"details": "Disable the Wi-Fi access on any TropOS unit where local Wi-Fi access is not required. This is achieved by NOT enabling (or disabling) the local access SSID.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Where Wi-Fi access is required, wherever possible ensure physical access to the local area is restricted to approved staff only.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Use the Wi-Fi whitelist capability to restrict Wi-Fi access to only approved personnel.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As the FragAttacks vulnerability is targeted at an end-user device and generally involves redirection to fraudulent websites, the installation of comprehensive firewall capabilities on company end-user devices and servers will significantly reduce the likelihood of negative outcomes.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2020-26139",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"notes": [
{
"category": "summary",
"text": "An access point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients and makes it easier to exploit other vulnerabilities in connected clients.CVE-2020-26139 has been assigned to this vulnerability. A CVSS v3 base score of 5.3 has been calculated; the CVSS vector string is (AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-26139"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Hitachi ABB Power Grids recommends updating to firmware v8.9.4.9 or later, which resolves these vulnerabilities. For additional information on these vulnerabilities, including update instructions, please see the Hitachi ABB Power Grids security advisory.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107992A4463\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"category": "vendor_fix",
"details": "Disable the Wi-Fi access on any TropOS unit where local Wi-Fi access is not required. This is achieved by NOT enabling (or disabling) the local access SSID.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Where Wi-Fi access is required, wherever possible ensure physical access to the local area is restricted to approved staff only.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Use the Wi-Fi whitelist capability to restrict Wi-Fi access to only approved personnel.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As the FragAttacks vulnerability is targeted at an end-user device and generally involves redirection to fraudulent websites, the installation of comprehensive firewall capabilities on company end-user devices and servers will significantly reduce the likelihood of negative outcomes.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2020-26140",
"cwe": {
"id": "CWE-74",
"name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can exploit this vulnerability to inject arbitrary data frames independent of the network configuration.CVE-2020-26140 has been assigned to this vulnerability. A CVSS v3 base score of 6.5 has been calculated; the CVSS vector string is (AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-26140"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Hitachi ABB Power Grids recommends updating to firmware v8.9.4.9 or later, which resolves these vulnerabilities. For additional information on these vulnerabilities, including update instructions, please see the Hitachi ABB Power Grids security advisory.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107992A4463\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"category": "vendor_fix",
"details": "Disable the Wi-Fi access on any TropOS unit where local Wi-Fi access is not required. This is achieved by NOT enabling (or disabling) the local access SSID.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Where Wi-Fi access is required, wherever possible ensure physical access to the local area is restricted to approved staff only.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Use the Wi-Fi whitelist capability to restrict Wi-Fi access to only approved personnel.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As the FragAttacks vulnerability is targeted at an end-user device and generally involves redirection to fraudulent websites, the installation of comprehensive firewall capabilities on company end-user devices and servers will significantly reduce the likelihood of negative outcomes.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2020-26141",
"cwe": {
"id": "CWE-354",
"name": "Improper Validation of Integrity Check Value"
},
"notes": [
{
"category": "summary",
"text": "The Wi-Fi implementation does not verify the message integrity check (authenticity) of fragmented TKIP frames. An adversary can exploit this vulnerability to inject and decrypt packets in WPA or WPA2 networks that support the TKIP data-confidentiality protocol.CVE-2020-26141 has been assigned to this vulnerability. A CVSS v3 base score of 6.5 has been calculated; the CVSS vector string is (AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-26141"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Hitachi ABB Power Grids recommends updating to firmware v8.9.4.9 or later, which resolves these vulnerabilities. For additional information on these vulnerabilities, including update instructions, please see the Hitachi ABB Power Grids security advisory.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107992A4463\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"category": "vendor_fix",
"details": "Disable the Wi-Fi access on any TropOS unit where local Wi-Fi access is not required. This is achieved by NOT enabling (or disabling) the local access SSID.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Where Wi-Fi access is required, wherever possible ensure physical access to the local area is restricted to approved staff only.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Use the Wi-Fi whitelist capability to restrict Wi-Fi access to only approved personnel.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As the FragAttacks vulnerability is targeted at an end-user device and generally involves redirection to fraudulent websites, the installation of comprehensive firewall capabilities on company end-user devices and servers will significantly reduce the likelihood of negative outcomes.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2020-26142",
"cwe": {
"id": "CWE-74",
"name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "The WEP, WPA, WPA2, and WPA3 implementations treat fragmented frames as full frames. An adversary can exploit this vulnerability to inject arbitrary network packets independent of the network configuration.CVE-2020-26142 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-26142"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Hitachi ABB Power Grids recommends updating to firmware v8.9.4.9 or later, which resolves these vulnerabilities. For additional information on these vulnerabilities, including update instructions, please see the Hitachi ABB Power Grids security advisory.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107992A4463\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"category": "vendor_fix",
"details": "Disable the Wi-Fi access on any TropOS unit where local Wi-Fi access is not required. This is achieved by NOT enabling (or disabling) the local access SSID.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Where Wi-Fi access is required, wherever possible ensure physical access to the local area is restricted to approved staff only.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Use the Wi-Fi whitelist capability to restrict Wi-Fi access to only approved personnel.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As the FragAttacks vulnerability is targeted at an end-user device and generally involves redirection to fraudulent websites, the installation of comprehensive firewall capabilities on company end-user devices and servers will significantly reduce the likelihood of negative outcomes.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2020-26143",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "The WEP, WPA, WPA2, and WPA3 implementations accept fragmented plaintext frames in a protected Wi-Fi network. An adversary can exploit this vulnerability to inject arbitrary data frames independent of the network configuration.CVE-2020-26143 has been assigned to this vulnerability. A CVSS v3 base score of 6.5 has been calculated; the CVSS vector string is (AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-26143"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Hitachi ABB Power Grids recommends updating to firmware v8.9.4.9 or later, which resolves these vulnerabilities. For additional information on these vulnerabilities, including update instructions, please see the Hitachi ABB Power Grids security advisory.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107992A4463\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"category": "vendor_fix",
"details": "Disable the Wi-Fi access on any TropOS unit where local Wi-Fi access is not required. This is achieved by NOT enabling (or disabling) the local access SSID.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Where Wi-Fi access is required, wherever possible ensure physical access to the local area is restricted to approved staff only.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Use the Wi-Fi whitelist capability to restrict Wi-Fi access to only approved personnel.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As the FragAttacks vulnerability is targeted at an end-user device and generally involves redirection to fraudulent websites, the installation of comprehensive firewall capabilities on company end-user devices and servers will significantly reduce the likelihood of negative outcomes.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2020-26144",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "The WEP, WPA, WPA2, and WPA3 implementations accept plaintext A-MSDU frames as long as the first eight bytes correspond to a valid RFC1042 (i.e., LLC/SNAP) header for EAPOL. An adversary can exploit this vulnerability to inject arbitrary network packets independent of the network configuration.CVE-2020-26144 has been assigned to this vulnerability. A CVSS v3 base score of 6.5 has been calculated; the CVSS vector string is (AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-26144"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Hitachi ABB Power Grids recommends updating to firmware v8.9.4.9 or later, which resolves these vulnerabilities. For additional information on these vulnerabilities, including update instructions, please see the Hitachi ABB Power Grids security advisory.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107992A4463\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"category": "vendor_fix",
"details": "Disable the Wi-Fi access on any TropOS unit where local Wi-Fi access is not required. This is achieved by NOT enabling (or disabling) the local access SSID.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Where Wi-Fi access is required, wherever possible ensure physical access to the local area is restricted to approved staff only.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Use the Wi-Fi whitelist capability to restrict Wi-Fi access to only approved personnel.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As the FragAttacks vulnerability is targeted at an end-user device and generally involves redirection to fraudulent websites, the installation of comprehensive firewall capabilities on company end-user devices and servers will significantly reduce the likelihood of negative outcomes.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2020-26145",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "The WEP, WPA, WPA2, and WPA3 implementations accept second (or subsequent) broadcast fragments when sent in plaintext and process them as full unfragmented frames. An adversary can exploit this vulnerability to inject arbitrary network packets independent of the network configuration.CVE-2020-26145 has been assigned to this vulnerability. A CVSS v3 base score of 6.5 has been calculated; the CVSS vector string is (AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-26145"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Hitachi ABB Power Grids recommends updating to firmware v8.9.4.9 or later, which resolves these vulnerabilities. For additional information on these vulnerabilities, including update instructions, please see the Hitachi ABB Power Grids security advisory.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107992A4463\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"category": "vendor_fix",
"details": "Disable the Wi-Fi access on any TropOS unit where local Wi-Fi access is not required. This is achieved by NOT enabling (or disabling) the local access SSID.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Where Wi-Fi access is required, wherever possible ensure physical access to the local area is restricted to approved staff only.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Use the Wi-Fi whitelist capability to restrict Wi-Fi access to only approved personnel.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As the FragAttacks vulnerability is targeted at an end-user device and generally involves redirection to fraudulent websites, the installation of comprehensive firewall capabilities on company end-user devices and servers will significantly reduce the likelihood of negative outcomes.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2020-26146",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "The WPA, WPA2, and WPA3 implementations reassemble fragments with non-consecutive packet numbers. An adversary can exploit this vulnerability to exfiltrate selected fragments. This vulnerability is exploitable when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used. Note: WEP is vulnerable to this attack by design.CVE-2020-26146 has been assigned to this vulnerability. A CVSS v3 base score of 5.3 has been assigned; the CVSS vector string is (AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-26146"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Hitachi ABB Power Grids recommends updating to firmware v8.9.4.9 or later, which resolves these vulnerabilities. For additional information on these vulnerabilities, including update instructions, please see the Hitachi ABB Power Grids security advisory.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107992A4463\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"category": "vendor_fix",
"details": "Disable the Wi-Fi access on any TropOS unit where local Wi-Fi access is not required. This is achieved by NOT enabling (or disabling) the local access SSID.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Where Wi-Fi access is required, wherever possible ensure physical access to the local area is restricted to approved staff only.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Use the Wi-Fi whitelist capability to restrict Wi-Fi access to only approved personnel.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As the FragAttacks vulnerability is targeted at an end-user device and generally involves redirection to fraudulent websites, the installation of comprehensive firewall capabilities on company end-user devices and servers will significantly reduce the likelihood of negative outcomes.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2020-26147",
"cwe": {
"id": "CWE-74",
"name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "The WEP, WPA, WPA2, and WPA3 implementations reassemble fragments even though some of them were sent in plaintext. An adversary can exploit this vulnerability to inject packets and/or exfiltrate selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used.CVE-2020-26147 has been assigned to this vulnerability. A CVSS v3 base score of 5.4 has been calculated; the CVSS vector string is (AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-26147"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Hitachi ABB Power Grids recommends updating to firmware v8.9.4.9 or later, which resolves these vulnerabilities. For additional information on these vulnerabilities, including update instructions, please see the Hitachi ABB Power Grids security advisory.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107992A4463\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"category": "vendor_fix",
"details": "Disable the Wi-Fi access on any TropOS unit where local Wi-Fi access is not required. This is achieved by NOT enabling (or disabling) the local access SSID.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Where Wi-Fi access is required, wherever possible ensure physical access to the local area is restricted to approved staff only.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Use the Wi-Fi whitelist capability to restrict Wi-Fi access to only approved personnel.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "As the FragAttacks vulnerability is targeted at an end-user device and generally involves redirection to fraudulent websites, the installation of comprehensive firewall capabilities on company end-user devices and servers will significantly reduce the likelihood of negative outcomes.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
}
]
}
ICSA-22-102-04
Vulnerability from csaf_cisa - Published: 2022-04-12 00:00 - Updated: 2022-05-12 00:00Summary
Mitsubishi Electric GT25-WLAN
Notes
CISA Disclaimer: This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice: All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation: There are multiple vulnerabilities due to design flaws in the frame fragmentation functionality and the frame aggregation functionality in the Wireless Communication Standards IEEE 802.11. These vulnerabilities could allow an attacker to steal communication contents or inject unauthorized packets.
Critical infrastructure sectors: Critical Manufacturing
Countries/areas deployed: Worldwide
Company headquarters location: Japan
Recommended Practices: CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should: Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the Internet; Locate control system networks and remote devices behind firewalls and isolate them from the business network; When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as its connected devices.
Recommended Practices: CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices: Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.
Exploitability: No known public exploits specifically target these vulnerabilities.
CWE-212
- Improper Removal of Sensitive Information Before Storage or Transfer
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
GT25-WLAN: Version 01.39.000 and earlier
Mitsubishi Electric / GT25-WLAN
|
<= 01.39.000 |
Mitigation
Mitigation
Mitigation
fix
Mitigation
Mitigation
Mitigation
fix
Mitigation
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
|
CWE-326
- Inadequate Encryption Strength
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
GT25-WLAN: Version 01.39.000 and earlier
Mitsubishi Electric / GT25-WLAN
|
<= 01.39.000 |
Mitigation
Mitigation
Mitigation
fix
Mitigation
Mitigation
Mitigation
fix
Mitigation
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
|
CWE-306
- Missing Authentication for Critical Function
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
GT25-WLAN: Version 01.39.000 and earlier
Mitsubishi Electric / GT25-WLAN
|
<= 01.39.000 |
Mitigation
Mitigation
Mitigation
fix
Mitigation
Mitigation
Mitigation
fix
Mitigation
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
|
6.5 (Medium)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
GT25-WLAN: Version 01.39.000 and earlier
Mitsubishi Electric / GT25-WLAN
|
<= 01.39.000 |
Mitigation
Mitigation
Mitigation
fix
Mitigation
Mitigation
Mitigation
fix
Mitigation
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
|
6.5 (Medium)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
GT25-WLAN: Version 01.39.000 and earlier
Mitsubishi Electric / GT25-WLAN
|
<= 01.39.000 |
Mitigation
Mitigation
Mitigation
fix
Mitigation
Mitigation
Mitigation
fix
Mitigation
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
|
6.5 (Medium)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
GT25-WLAN: Version 01.39.000 and earlier
Mitsubishi Electric / GT25-WLAN
|
<= 01.39.000 |
Mitigation
Mitigation
Mitigation
fix
Mitigation
Mitigation
Mitigation
fix
Mitigation
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
|
5.3 (Medium)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
GT25-WLAN: Version 01.39.000 and earlier
Mitsubishi Electric / GT25-WLAN
|
<= 01.39.000 |
Mitigation
Mitigation
Mitigation
fix
Mitigation
Mitigation
Mitigation
fix
Mitigation
fix
Mitigation
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
|
References
17 references
Acknowledgments
Mitsubishi Electric
{
"document": {
"acknowledgments": [
{
"organization": "Mitsubishi Electric",
"summary": "reporting these vulnerabilities to CISA"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "summary",
"text": "There are multiple vulnerabilities due to design flaws in the frame fragmentation functionality and the frame aggregation functionality in the Wireless Communication Standards IEEE 802.11. These vulnerabilities could allow an attacker to steal communication contents or inject unauthorized packets.",
"title": "Risk evaluation"
},
{
"category": "other",
"text": "Critical Manufacturing",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Japan",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should: Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the Internet; Locate control system networks and remote devices behind firewalls and isolate them from the business network; When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as its connected devices.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "other",
"text": "No known public exploits specifically target these vulnerabilities.",
"title": "Exploitability"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-22-102-04 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2022/icsa-22-102-04.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-22-102-04 Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-102-04"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
}
],
"title": "Mitsubishi Electric GT25-WLAN",
"tracking": {
"current_release_date": "2022-05-12T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-22-102-04",
"initial_release_date": "2022-04-12T00:00:00.000000Z",
"revision_history": [
{
"date": "2022-04-12T00:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "ICSA-22-102-04 Mitsubishi Electric GT25-WLAN"
},
{
"date": "2022-05-12T00:00:00.000000Z",
"legacy_version": "A",
"number": "2",
"summary": "ICSA-22-102-04 Mitsubishi Electric GT25-WLAN (Update A)"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 01.39.000",
"product": {
"name": "GT25-WLAN: Version 01.39.000 and earlier",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "GT25-WLAN"
}
],
"category": "vendor",
"name": "Mitsubishi Electric"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-24586",
"cwe": {
"id": "CWE-212",
"name": "Improper Removal of Sensitive Information Before Storage or Transfer"
},
"notes": [
{
"category": "summary",
"text": "The affected product is vulnerable to a fragment cache attack as it does not clear fragments from memory when (re)connecting. This may allow an attacker to steal communication contents or inject unauthorized packets. CVE-2020-24586 has been assigned to this vulnerability. A CVSS v3 base score of 3.5 has been assigned; the CVSS vector string is (AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-24586"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "For users who use the affected products and versions, please update to the fixed versions",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Check the versions in use by referencing GOT2000 Series User\u0027s Manual (Utility) (SH-081195ENG), 6.9 Package Data Management - \u201cProperty operation.\u201d",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "The latest version of the manual is available from Mitsubishi Electric FA Global Website.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.mitsubishielectric.com/fa"
},
{
"category": "mitigation",
"details": "Install system applications (extended function) \u201cWireless LAN\u201d v01.45.000 or later.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Fixed system applications (extended function) \u201cWireless LAN\u201d is included in GT Designer3 Version 1 (GOT2000) v1.275M or later.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Download and install the fixed version of MELSOFT GT Designer3 (GOT2000). Please contact a Mitsubishi Electric representative about MELSOFT GT Designer3 (GOT2000).",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.mitsubishielectric.com/fa/support/index.html"
},
{
"category": "mitigation",
"details": "Start the MELSOFT GT Designer3 (GOT2000) and open the project data used in affected products.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Select [Write to GOT] from [Communication] menu to write the required package data to the GOT. Please refer to \u201c4. COMMUNICATING WITH GOT\u201d in the GT Designer3 (GOT2000) Screen Design Manual (SH-081220ENG).",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.mitsubishielectric.com/fa/products/hmi/got/smerit/gt_works3/manual/index.html"
},
{
"category": "mitigation",
"details": "After writing the required package data to the GOT, refer to the \u201cHow to check the versions in use\u201d and check the fixed versions.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "When using the wireless LAN communication unit as an access point, check if the wireless LAN communication unit settings are as follows.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "For the passphrase used for wireless LAN, avoid settings that can be guessed from the consecutive numbers and MAC address, and set an unpredictable passphrase combining letters and numbers.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Use WPA or WPA2 as the security authentication method for wireless LAN.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Use the IP filter function*1 to restrict the accessible IP addresses. *1- Refer to GT Designer3 (GOT2000) Screen Design Manual (SH-081220ENG) \u201c5.4.3 Setting the IP filter\u201d",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.mitsubishielectric.com/fa/products/hmi/got/smerit/gt_works3/manual/index.html"
},
{
"category": "mitigation",
"details": "When using the wireless LAN communication unit as a station, check if the router settings are as follows: For the passphrase used for wireless LAN, avoid settings that can be guessed from the consecutive numbers and MAC address, and set an unpredictable passphrase combining letters and numbers. Use WPA or WPA2 as the security authentication method for wireless LAN.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "If you change the router settings, hide its presence on the Internet to make it difficult for unauthorized access. (e.g., set to not respond to PING requests).",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Set password for the router\u0027s Management portal, which is difficult to be identified.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Check the following when using a computer or tablet, etc., on the same network.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Update Antivirus software to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Do not open or access suspicious attachment file or linked URL.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2020-24587",
"cwe": {
"id": "CWE-326",
"name": "Inadequate Encryption Strength"
},
"notes": [
{
"category": "summary",
"text": "The affected product is vulnerable to a mixed key attack as it reassembles fragments encrypted under different keys. This may allow an attacker to steal communication contents. CVE-2020-24587 has been assigned to this vulnerability. A CVSS v3 base score of 2.6 has been assigned; the CVSS vector string is (AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-24587"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "For users who use the affected products and versions, please update to the fixed versions",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Check the versions in use by referencing GOT2000 Series User\u0027s Manual (Utility) (SH-081195ENG), 6.9 Package Data Management - \u201cProperty operation.\u201d",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "The latest version of the manual is available from Mitsubishi Electric FA Global Website.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.mitsubishielectric.com/fa"
},
{
"category": "mitigation",
"details": "Install system applications (extended function) \u201cWireless LAN\u201d v01.45.000 or later.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Fixed system applications (extended function) \u201cWireless LAN\u201d is included in GT Designer3 Version 1 (GOT2000) v1.275M or later.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Download and install the fixed version of MELSOFT GT Designer3 (GOT2000). Please contact a Mitsubishi Electric representative about MELSOFT GT Designer3 (GOT2000).",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.mitsubishielectric.com/fa/support/index.html"
},
{
"category": "mitigation",
"details": "Start the MELSOFT GT Designer3 (GOT2000) and open the project data used in affected products.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Select [Write to GOT] from [Communication] menu to write the required package data to the GOT. Please refer to \u201c4. COMMUNICATING WITH GOT\u201d in the GT Designer3 (GOT2000) Screen Design Manual (SH-081220ENG).",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.mitsubishielectric.com/fa/products/hmi/got/smerit/gt_works3/manual/index.html"
},
{
"category": "mitigation",
"details": "After writing the required package data to the GOT, refer to the \u201cHow to check the versions in use\u201d and check the fixed versions.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "When using the wireless LAN communication unit as an access point, check if the wireless LAN communication unit settings are as follows.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "For the passphrase used for wireless LAN, avoid settings that can be guessed from the consecutive numbers and MAC address, and set an unpredictable passphrase combining letters and numbers.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Use WPA or WPA2 as the security authentication method for wireless LAN.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Use the IP filter function*1 to restrict the accessible IP addresses. *1- Refer to GT Designer3 (GOT2000) Screen Design Manual (SH-081220ENG) \u201c5.4.3 Setting the IP filter\u201d",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.mitsubishielectric.com/fa/products/hmi/got/smerit/gt_works3/manual/index.html"
},
{
"category": "mitigation",
"details": "When using the wireless LAN communication unit as a station, check if the router settings are as follows: For the passphrase used for wireless LAN, avoid settings that can be guessed from the consecutive numbers and MAC address, and set an unpredictable passphrase combining letters and numbers. Use WPA or WPA2 as the security authentication method for wireless LAN.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "If you change the router settings, hide its presence on the Internet to make it difficult for unauthorized access. (e.g., set to not respond to PING requests).",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Set password for the router\u0027s Management portal, which is difficult to be identified.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Check the following when using a computer or tablet, etc., on the same network.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Update Antivirus software to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Do not open or access suspicious attachment file or linked URL.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.6,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2020-24588",
"cwe": {
"id": "CWE-306",
"name": "Missing Authentication for Critical Function"
},
"notes": [
{
"category": "summary",
"text": "The affected product is vulnerable to an aggregation attack as it accepts non-SPP A-MSDU frames. This may allow an attacker to inject unauthorized packets. CVE-2020-24588 has been assigned to this vulnerability. A CVSS v3 base score of 3.5 has been assigned; the CVSS vector string is (AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-24588"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "For users who use the affected products and versions, please update to the fixed versions",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Check the versions in use by referencing GOT2000 Series User\u0027s Manual (Utility) (SH-081195ENG), 6.9 Package Data Management - \u201cProperty operation.\u201d",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "The latest version of the manual is available from Mitsubishi Electric FA Global Website.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.mitsubishielectric.com/fa"
},
{
"category": "mitigation",
"details": "Install system applications (extended function) \u201cWireless LAN\u201d v01.45.000 or later.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Fixed system applications (extended function) \u201cWireless LAN\u201d is included in GT Designer3 Version 1 (GOT2000) v1.275M or later.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Download and install the fixed version of MELSOFT GT Designer3 (GOT2000). Please contact a Mitsubishi Electric representative about MELSOFT GT Designer3 (GOT2000).",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.mitsubishielectric.com/fa/support/index.html"
},
{
"category": "mitigation",
"details": "Start the MELSOFT GT Designer3 (GOT2000) and open the project data used in affected products.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Select [Write to GOT] from [Communication] menu to write the required package data to the GOT. Please refer to \u201c4. COMMUNICATING WITH GOT\u201d in the GT Designer3 (GOT2000) Screen Design Manual (SH-081220ENG).",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.mitsubishielectric.com/fa/products/hmi/got/smerit/gt_works3/manual/index.html"
},
{
"category": "mitigation",
"details": "After writing the required package data to the GOT, refer to the \u201cHow to check the versions in use\u201d and check the fixed versions.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "When using the wireless LAN communication unit as an access point, check if the wireless LAN communication unit settings are as follows.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "For the passphrase used for wireless LAN, avoid settings that can be guessed from the consecutive numbers and MAC address, and set an unpredictable passphrase combining letters and numbers.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Use WPA or WPA2 as the security authentication method for wireless LAN.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Use the IP filter function*1 to restrict the accessible IP addresses. *1- Refer to GT Designer3 (GOT2000) Screen Design Manual (SH-081220ENG) \u201c5.4.3 Setting the IP filter\u201d",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.mitsubishielectric.com/fa/products/hmi/got/smerit/gt_works3/manual/index.html"
},
{
"category": "mitigation",
"details": "When using the wireless LAN communication unit as a station, check if the router settings are as follows: For the passphrase used for wireless LAN, avoid settings that can be guessed from the consecutive numbers and MAC address, and set an unpredictable passphrase combining letters and numbers. Use WPA or WPA2 as the security authentication method for wireless LAN.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "If you change the router settings, hide its presence on the Internet to make it difficult for unauthorized access. (e.g., set to not respond to PING requests).",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Set password for the router\u0027s Management portal, which is difficult to be identified.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Check the following when using a computer or tablet, etc., on the same network.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Update Antivirus software to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Do not open or access suspicious attachment file or linked URL.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2020-26140",
"cwe": {
"id": "CWE-74",
"name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "The affected product can accept plaintext data frames in a protected network. This may allow an attacker to inject unauthorized packets. CVE-2020-26140 has been assigned to this vulnerability. A CVSS v3 base score of 6.5 has been assigned; the CVSS vector string is (AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-26140"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "For users who use the affected products and versions, please update to the fixed versions",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Check the versions in use by referencing GOT2000 Series User\u0027s Manual (Utility) (SH-081195ENG), 6.9 Package Data Management - \u201cProperty operation.\u201d",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "The latest version of the manual is available from Mitsubishi Electric FA Global Website.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.mitsubishielectric.com/fa"
},
{
"category": "mitigation",
"details": "Install system applications (extended function) \u201cWireless LAN\u201d v01.45.000 or later.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Fixed system applications (extended function) \u201cWireless LAN\u201d is included in GT Designer3 Version 1 (GOT2000) v1.275M or later.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Download and install the fixed version of MELSOFT GT Designer3 (GOT2000). Please contact a Mitsubishi Electric representative about MELSOFT GT Designer3 (GOT2000).",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.mitsubishielectric.com/fa/support/index.html"
},
{
"category": "mitigation",
"details": "Start the MELSOFT GT Designer3 (GOT2000) and open the project data used in affected products.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Select [Write to GOT] from [Communication] menu to write the required package data to the GOT. Please refer to \u201c4. COMMUNICATING WITH GOT\u201d in the GT Designer3 (GOT2000) Screen Design Manual (SH-081220ENG).",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.mitsubishielectric.com/fa/products/hmi/got/smerit/gt_works3/manual/index.html"
},
{
"category": "mitigation",
"details": "After writing the required package data to the GOT, refer to the \u201cHow to check the versions in use\u201d and check the fixed versions.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "When using the wireless LAN communication unit as an access point, check if the wireless LAN communication unit settings are as follows.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "For the passphrase used for wireless LAN, avoid settings that can be guessed from the consecutive numbers and MAC address, and set an unpredictable passphrase combining letters and numbers.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Use WPA or WPA2 as the security authentication method for wireless LAN.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Use the IP filter function*1 to restrict the accessible IP addresses. *1- Refer to GT Designer3 (GOT2000) Screen Design Manual (SH-081220ENG) \u201c5.4.3 Setting the IP filter\u201d",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.mitsubishielectric.com/fa/products/hmi/got/smerit/gt_works3/manual/index.html"
},
{
"category": "mitigation",
"details": "When using the wireless LAN communication unit as a station, check if the router settings are as follows: For the passphrase used for wireless LAN, avoid settings that can be guessed from the consecutive numbers and MAC address, and set an unpredictable passphrase combining letters and numbers. Use WPA or WPA2 as the security authentication method for wireless LAN.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "If you change the router settings, hide its presence on the Internet to make it difficult for unauthorized access. (e.g., set to not respond to PING requests).",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Set password for the router\u0027s Management portal, which is difficult to be identified.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Check the following when using a computer or tablet, etc., on the same network.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Update Antivirus software to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Do not open or access suspicious attachment file or linked URL.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2020-26143",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "The affected product is vulnerable to accepting fragmented plaintext data frames in a protected network. This may allow an attacker to inject unauthorized packets. CVE-2020-26143 has been assigned to this vulnerability. A CVSS v3 base score of 6.5 has been assigned; the CVSS vector string is (AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-26143"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "For users who use the affected products and versions, please update to the fixed versions",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Check the versions in use by referencing GOT2000 Series User\u0027s Manual (Utility) (SH-081195ENG), 6.9 Package Data Management - \u201cProperty operation.\u201d",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "The latest version of the manual is available from Mitsubishi Electric FA Global Website.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.mitsubishielectric.com/fa"
},
{
"category": "mitigation",
"details": "Install system applications (extended function) \u201cWireless LAN\u201d v01.45.000 or later.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Fixed system applications (extended function) \u201cWireless LAN\u201d is included in GT Designer3 Version 1 (GOT2000) v1.275M or later.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Download and install the fixed version of MELSOFT GT Designer3 (GOT2000). Please contact a Mitsubishi Electric representative about MELSOFT GT Designer3 (GOT2000).",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.mitsubishielectric.com/fa/support/index.html"
},
{
"category": "mitigation",
"details": "Start the MELSOFT GT Designer3 (GOT2000) and open the project data used in affected products.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Select [Write to GOT] from [Communication] menu to write the required package data to the GOT. Please refer to \u201c4. COMMUNICATING WITH GOT\u201d in the GT Designer3 (GOT2000) Screen Design Manual (SH-081220ENG).",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.mitsubishielectric.com/fa/products/hmi/got/smerit/gt_works3/manual/index.html"
},
{
"category": "mitigation",
"details": "After writing the required package data to the GOT, refer to the \u201cHow to check the versions in use\u201d and check the fixed versions.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "When using the wireless LAN communication unit as an access point, check if the wireless LAN communication unit settings are as follows.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "For the passphrase used for wireless LAN, avoid settings that can be guessed from the consecutive numbers and MAC address, and set an unpredictable passphrase combining letters and numbers.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Use WPA or WPA2 as the security authentication method for wireless LAN.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Use the IP filter function*1 to restrict the accessible IP addresses. *1- Refer to GT Designer3 (GOT2000) Screen Design Manual (SH-081220ENG) \u201c5.4.3 Setting the IP filter\u201d",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.mitsubishielectric.com/fa/products/hmi/got/smerit/gt_works3/manual/index.html"
},
{
"category": "mitigation",
"details": "When using the wireless LAN communication unit as a station, check if the router settings are as follows: For the passphrase used for wireless LAN, avoid settings that can be guessed from the consecutive numbers and MAC address, and set an unpredictable passphrase combining letters and numbers. Use WPA or WPA2 as the security authentication method for wireless LAN.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "If you change the router settings, hide its presence on the Internet to make it difficult for unauthorized access. (e.g., set to not respond to PING requests).",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Set password for the router\u0027s Management portal, which is difficult to be identified.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Check the following when using a computer or tablet, etc., on the same network.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Update Antivirus software to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Do not open or access suspicious attachment file or linked URL.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2020-26144",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "The affected product can accept plaintext A-MSDU frames that start with an RFC1042 header with EtherType EAPOL in an encrypted network. This may allow an attacker to inject unauthorized packets. CVE-2020-26144 has been assigned to this vulnerability. A CVSS v3 base score of 6.5 has been assigned; the CVSS vector string is (AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-26144"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "For users who use the affected products and versions, please update to the fixed versions",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Check the versions in use by referencing GOT2000 Series User\u0027s Manual (Utility) (SH-081195ENG), 6.9 Package Data Management - \u201cProperty operation.\u201d",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "The latest version of the manual is available from Mitsubishi Electric FA Global Website.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.mitsubishielectric.com/fa"
},
{
"category": "mitigation",
"details": "Install system applications (extended function) \u201cWireless LAN\u201d v01.45.000 or later.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Fixed system applications (extended function) \u201cWireless LAN\u201d is included in GT Designer3 Version 1 (GOT2000) v1.275M or later.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Download and install the fixed version of MELSOFT GT Designer3 (GOT2000). Please contact a Mitsubishi Electric representative about MELSOFT GT Designer3 (GOT2000).",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.mitsubishielectric.com/fa/support/index.html"
},
{
"category": "mitigation",
"details": "Start the MELSOFT GT Designer3 (GOT2000) and open the project data used in affected products.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Select [Write to GOT] from [Communication] menu to write the required package data to the GOT. Please refer to \u201c4. COMMUNICATING WITH GOT\u201d in the GT Designer3 (GOT2000) Screen Design Manual (SH-081220ENG).",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.mitsubishielectric.com/fa/products/hmi/got/smerit/gt_works3/manual/index.html"
},
{
"category": "mitigation",
"details": "After writing the required package data to the GOT, refer to the \u201cHow to check the versions in use\u201d and check the fixed versions.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "When using the wireless LAN communication unit as an access point, check if the wireless LAN communication unit settings are as follows.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "For the passphrase used for wireless LAN, avoid settings that can be guessed from the consecutive numbers and MAC address, and set an unpredictable passphrase combining letters and numbers.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Use WPA or WPA2 as the security authentication method for wireless LAN.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Use the IP filter function*1 to restrict the accessible IP addresses. *1- Refer to GT Designer3 (GOT2000) Screen Design Manual (SH-081220ENG) \u201c5.4.3 Setting the IP filter\u201d",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.mitsubishielectric.com/fa/products/hmi/got/smerit/gt_works3/manual/index.html"
},
{
"category": "mitigation",
"details": "When using the wireless LAN communication unit as a station, check if the router settings are as follows: For the passphrase used for wireless LAN, avoid settings that can be guessed from the consecutive numbers and MAC address, and set an unpredictable passphrase combining letters and numbers. Use WPA or WPA2 as the security authentication method for wireless LAN.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "If you change the router settings, hide its presence on the Internet to make it difficult for unauthorized access. (e.g., set to not respond to PING requests).",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Set password for the router\u0027s Management portal, which is difficult to be identified.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Check the following when using a computer or tablet, etc., on the same network.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Update Antivirus software to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Do not open or access suspicious attachment file or linked URL.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2020-26146",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "The affected product can reassemble encrypted fragments with non-consecutive packet numbers. This may allow an attacker to steal communication contents. CVE-2020-26146 has been assigned to this vulnerability. A CVSS v3 base score of 5.3 has been assigned; the CVSS vector string is (AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-26146"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "For users who use the affected products and versions, please update to the fixed versions",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Check the versions in use by referencing GOT2000 Series User\u0027s Manual (Utility) (SH-081195ENG), 6.9 Package Data Management - \u201cProperty operation.\u201d",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "The latest version of the manual is available from Mitsubishi Electric FA Global Website.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.mitsubishielectric.com/fa"
},
{
"category": "mitigation",
"details": "Install system applications (extended function) \u201cWireless LAN\u201d v01.45.000 or later.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Fixed system applications (extended function) \u201cWireless LAN\u201d is included in GT Designer3 Version 1 (GOT2000) v1.275M or later.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "This does not include countermeasures for CVE-2020-26146",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-26146"
},
{
"category": "mitigation",
"details": "Download and install the fixed version of MELSOFT GT Designer3 (GOT2000). Please contact a Mitsubishi Electric representative about MELSOFT GT Designer3 (GOT2000).",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.mitsubishielectric.com/fa/support/index.html"
},
{
"category": "mitigation",
"details": "Start the MELSOFT GT Designer3 (GOT2000) and open the project data used in affected products.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Select [Write to GOT] from [Communication] menu to write the required package data to the GOT. Please refer to \u201c4. COMMUNICATING WITH GOT\u201d in the GT Designer3 (GOT2000) Screen Design Manual (SH-081220ENG).",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.mitsubishielectric.com/fa/products/hmi/got/smerit/gt_works3/manual/index.html"
},
{
"category": "mitigation",
"details": "After writing the required package data to the GOT, refer to the \u201cHow to check the versions in use\u201d and check the fixed versions.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "When using the wireless LAN communication unit as an access point, check if the wireless LAN communication unit settings are as follows.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "For the passphrase used for wireless LAN, avoid settings that can be guessed from the consecutive numbers and MAC address, and set an unpredictable passphrase combining letters and numbers.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Use WPA or WPA2 as the security authentication method for wireless LAN.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Use the IP filter function*1 to restrict the accessible IP addresses. *1- Refer to GT Designer3 (GOT2000) Screen Design Manual (SH-081220ENG) \u201c5.4.3 Setting the IP filter\u201d",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.mitsubishielectric.com/fa/products/hmi/got/smerit/gt_works3/manual/index.html"
},
{
"category": "mitigation",
"details": "When using the wireless LAN communication unit as a station, check if the router settings are as follows: For the passphrase used for wireless LAN, avoid settings that can be guessed from the consecutive numbers and MAC address, and set an unpredictable passphrase combining letters and numbers. Use WPA or WPA2 as the security authentication method for wireless LAN.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "If you change the router settings, hide its presence on the Internet to make it difficult for unauthorized access. (e.g., set to not respond to PING requests).",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Set password for the router\u0027s Management portal, which is difficult to be identified.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Check the following when using a computer or tablet, etc., on the same network.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Update Antivirus software to the latest version.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Do not open or access suspicious attachment file or linked URL.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
}
]
}
ICSA-22-104-04
Vulnerability from csaf_cisa - Published: 2021-07-13 00:00 - Updated: 2026-04-16 06:00Summary
Siemens SCALANCE FragAttacks
Notes
Summary: Twelve vulnerabilities in the implementation of frame aggregation and fragmentation of the 802.11 standard, under the name of FragAttacks, have been published.
Successful exploitation of these vulnerabilities could allow an attacker within Wi-Fi range to forge encrypted frames, which could result in sensitive data disclosure and possibly traffic manipulation.
The advised Siemens products are only affected by some of the published vulnerabilities.
Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where fixes are not, or not yet available.
General Recommendations: As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources: For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use: The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.
Legal Notice and Terms of Use: This product is provided subject to this Notification (https://www.cisa.gov/notification) and this Privacy & Use policy (https://www.cisa.gov/privacy-policy).
Advisory Conversion Disclaimer: This ICSA is a verbatim republication of Siemens ProductCERT SSA-913875 from a direct conversion of the vendor's Common Security Advisory Framework (CSAF) advisory. This is republished to CISA's website as a means of increasing visibility and is provided "as-is" for informational purposes only. CISA is not responsible for the editorial or technical accuracy of republished advisories and provides no warranties of any kind regarding any information contained within this advisory. Further, CISA does not endorse any commercial product or service. Please contact Siemens ProductCERT directly for any questions regarding this advisory.
Critical infrastructure sectors: Critical Manufacturing, Transportation Systems, Energy, Healthcare and Public Health, Financial Services, Government Services and Facilities
Countries/areas deployed: Worldwide
Company headquarters location: Germany
Recommended Practices: CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.
Recommended Practices: Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.
Recommended Practices: Locate control system networks and remote devices behind firewalls and isolate them from business networks.
Recommended Practices: When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.
Recommended Practices: CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices: CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices: CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices: Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
CWE-306
- Missing Authentication for Critical Function
Affected products
Known affected
67 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE W1748-1 M12 (6GK5748-1GY01-0AA0)
Siemens / SCALANCE W1748-1 M12 (6GK5748-1GY01-0AA0)
|
6GK5748-1GY01-0AA0
|
vers:intdot/<3.0.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W1748-1 M12 (6GK5748-1GY01-0TA0)
Siemens / SCALANCE W1748-1 M12 (6GK5748-1GY01-0TA0)
|
6GK5748-1GY01-0TA0
|
vers:intdot/<3.0.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W1750D (JP) (6GK5750-2HX01-1AD0)
Siemens / SCALANCE W1750D (JP) (6GK5750-2HX01-1AD0)
|
6GK5750-2HX01-1AD0
|
vers:intdot/<8.7.1.3 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W1750D (ROW) (6GK5750-2HX01-1AA0)
Siemens / SCALANCE W1750D (ROW) (6GK5750-2HX01-1AA0)
|
6GK5750-2HX01-1AA0
|
vers:intdot/<8.7.1.3 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W1750D (USA) (6GK5750-2HX01-1AB0)
Siemens / SCALANCE W1750D (USA) (6GK5750-2HX01-1AB0)
|
6GK5750-2HX01-1AB0
|
vers:intdot/<8.7.1.3 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W1788-1 M12 (6GK5788-1GY01-0AA0)
Siemens / SCALANCE W1788-1 M12 (6GK5788-1GY01-0AA0)
|
6GK5788-1GY01-0AA0
|
vers:intdot/<3.0.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W1788-2 EEC M12 (6GK5788-2GY01-0TA0)
Siemens / SCALANCE W1788-2 EEC M12 (6GK5788-2GY01-0TA0)
|
6GK5788-2GY01-0TA0
|
vers:intdot/<3.0.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W1788-2 M12 (6GK5788-2GY01-0AA0)
Siemens / SCALANCE W1788-2 M12 (6GK5788-2GY01-0AA0)
|
6GK5788-2GY01-0AA0
|
vers:intdot/<3.0.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W1788-2IA M12 (6GK5788-2HY01-0AA0)
Siemens / SCALANCE W1788-2IA M12 (6GK5788-2HY01-0AA0)
|
6GK5788-2HY01-0AA0
|
vers:intdot/<3.0.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0)
Siemens / SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0)
|
6GK5721-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0)
Siemens / SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0)
|
6GK5721-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0)
|
6GK5722-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0)
|
6GK5722-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0)
|
6GK5722-1FC00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0)
|
6GK5734-1FX00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6)
|
6GK5734-1FX00-0AA6
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0)
|
6GK5734-1FX00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6)
Siemens / SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6)
|
6GK5734-1FX00-0AB6
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0)
Siemens / SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0)
|
6GK5738-1GY00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0)
Siemens / SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0)
|
6GK5738-1GY00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0)
Siemens / SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0)
|
6GK5748-1GD00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0)
Siemens / SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0)
|
6GK5748-1GD00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0)
Siemens / SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0)
|
6GK5748-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0)
Siemens / SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0)
|
6GK5748-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0)
Siemens / SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0)
|
6GK5761-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0)
Siemens / SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0)
|
6GK5761-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0)
Siemens / SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0)
|
6GK5774-1FY00-0TA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0)
Siemens / SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0)
|
6GK5774-1FY00-0TB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0)
|
6GK5774-1FX00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6)
|
6GK5774-1FX00-0AA6
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0)
|
6GK5774-1FX00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0)
|
6GK5774-1FX00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6)
Siemens / SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6)
|
6GK5774-1FX00-0AB6
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0)
Siemens / SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0)
|
6GK5778-1GY00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0)
Siemens / SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0)
|
6GK5778-1GY00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0)
Siemens / SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0)
|
6GK5778-1GY00-0TA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0)
Siemens / SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0)
|
6GK5778-1GY00-0TB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0)
Siemens / SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0)
|
6GK5786-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0)
Siemens / SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0)
|
6GK5786-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0)
|
6GK5786-2FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0)
|
6GK5786-2FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0)
|
6GK5786-2FC00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0)
Siemens / SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0)
|
6GK5786-2FE00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0)
Siemens / SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0)
|
6GK5786-2FE00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0)
Siemens / SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0)
|
6GK5786-2HC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0)
Siemens / SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0)
|
6GK5786-2HC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0)
Siemens / SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0)
|
6GK5788-1GD00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0)
Siemens / SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0)
|
6GK5788-1GD00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0)
Siemens / SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0)
|
6GK5788-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0)
Siemens / SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0)
|
6GK5788-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0)
Siemens / SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0)
|
6GK5788-2GD00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0)
Siemens / SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0)
|
6GK5788-2GD00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0)
|
6GK5788-2GD00-0TA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0)
|
6GK5788-2GD00-0TB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0)
|
6GK5788-2GD00-0TC0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0)
|
6GK5788-2FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0)
|
6GK5788-2FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0)
|
6GK5788-2FC00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:intdot/<1.2.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:intdot/<1.2.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:intdot/<1.2.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:intdot/<1.2.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:intdot/<1.2.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:intdot/<1.2.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:intdot/<1.2.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:intdot/<1.2.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:intdot/<1.2.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
5.3 (Medium)
Affected products
Known affected
64 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE W1748-1 M12 (6GK5748-1GY01-0AA0)
Siemens / SCALANCE W1748-1 M12 (6GK5748-1GY01-0AA0)
|
6GK5748-1GY01-0AA0
|
vers:intdot/<3.0.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W1748-1 M12 (6GK5748-1GY01-0TA0)
Siemens / SCALANCE W1748-1 M12 (6GK5748-1GY01-0TA0)
|
6GK5748-1GY01-0TA0
|
vers:intdot/<3.0.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W1788-1 M12 (6GK5788-1GY01-0AA0)
Siemens / SCALANCE W1788-1 M12 (6GK5788-1GY01-0AA0)
|
6GK5788-1GY01-0AA0
|
vers:intdot/<3.0.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W1788-2 EEC M12 (6GK5788-2GY01-0TA0)
Siemens / SCALANCE W1788-2 EEC M12 (6GK5788-2GY01-0TA0)
|
6GK5788-2GY01-0TA0
|
vers:intdot/<3.0.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W1788-2 M12 (6GK5788-2GY01-0AA0)
Siemens / SCALANCE W1788-2 M12 (6GK5788-2GY01-0AA0)
|
6GK5788-2GY01-0AA0
|
vers:intdot/<3.0.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W1788-2IA M12 (6GK5788-2HY01-0AA0)
Siemens / SCALANCE W1788-2IA M12 (6GK5788-2HY01-0AA0)
|
6GK5788-2HY01-0AA0
|
vers:intdot/<3.0.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0)
Siemens / SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0)
|
6GK5721-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0)
Siemens / SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0)
|
6GK5721-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0)
|
6GK5722-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0)
|
6GK5722-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0)
|
6GK5722-1FC00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0)
|
6GK5734-1FX00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6)
|
6GK5734-1FX00-0AA6
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0)
|
6GK5734-1FX00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6)
Siemens / SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6)
|
6GK5734-1FX00-0AB6
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0)
Siemens / SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0)
|
6GK5738-1GY00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0)
Siemens / SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0)
|
6GK5738-1GY00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0)
Siemens / SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0)
|
6GK5748-1GD00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0)
Siemens / SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0)
|
6GK5748-1GD00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0)
Siemens / SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0)
|
6GK5748-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0)
Siemens / SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0)
|
6GK5748-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0)
Siemens / SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0)
|
6GK5761-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0)
Siemens / SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0)
|
6GK5761-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0)
Siemens / SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0)
|
6GK5774-1FY00-0TA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0)
Siemens / SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0)
|
6GK5774-1FY00-0TB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0)
|
6GK5774-1FX00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6)
|
6GK5774-1FX00-0AA6
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0)
|
6GK5774-1FX00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0)
|
6GK5774-1FX00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6)
Siemens / SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6)
|
6GK5774-1FX00-0AB6
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0)
Siemens / SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0)
|
6GK5778-1GY00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0)
Siemens / SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0)
|
6GK5778-1GY00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0)
Siemens / SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0)
|
6GK5778-1GY00-0TA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0)
Siemens / SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0)
|
6GK5778-1GY00-0TB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0)
Siemens / SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0)
|
6GK5786-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0)
Siemens / SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0)
|
6GK5786-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0)
|
6GK5786-2FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0)
|
6GK5786-2FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0)
|
6GK5786-2FC00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0)
Siemens / SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0)
|
6GK5786-2FE00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0)
Siemens / SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0)
|
6GK5786-2FE00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0)
Siemens / SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0)
|
6GK5786-2HC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0)
Siemens / SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0)
|
6GK5786-2HC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0)
Siemens / SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0)
|
6GK5788-1GD00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0)
Siemens / SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0)
|
6GK5788-1GD00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0)
Siemens / SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0)
|
6GK5788-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0)
Siemens / SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0)
|
6GK5788-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0)
Siemens / SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0)
|
6GK5788-2GD00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0)
Siemens / SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0)
|
6GK5788-2GD00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0)
|
6GK5788-2GD00-0TA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0)
|
6GK5788-2GD00-0TB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0)
|
6GK5788-2GD00-0TC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0)
|
6GK5788-2FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0)
|
6GK5788-2FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0)
|
6GK5788-2FC00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:intdot/<1.2.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:intdot/<1.2.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:intdot/<1.2.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:intdot/<1.2.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:intdot/<1.2.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:intdot/<1.2.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:intdot/<1.2.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:intdot/<1.2.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:intdot/<1.2.0 |
Mitigation
Vendor Fix
fix
|
6.5 (Medium)
Affected products
Known affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0)
Siemens / SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0)
|
6GK5721-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0)
Siemens / SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0)
|
6GK5721-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0)
|
6GK5722-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0)
|
6GK5722-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0)
|
6GK5722-1FC00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0)
|
6GK5734-1FX00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6)
|
6GK5734-1FX00-0AA6
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0)
|
6GK5734-1FX00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6)
Siemens / SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6)
|
6GK5734-1FX00-0AB6
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0)
Siemens / SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0)
|
6GK5738-1GY00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0)
Siemens / SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0)
|
6GK5738-1GY00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0)
Siemens / SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0)
|
6GK5748-1GD00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0)
Siemens / SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0)
|
6GK5748-1GD00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0)
Siemens / SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0)
|
6GK5748-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0)
Siemens / SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0)
|
6GK5748-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0)
Siemens / SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0)
|
6GK5761-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0)
Siemens / SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0)
|
6GK5761-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0)
Siemens / SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0)
|
6GK5774-1FY00-0TA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0)
Siemens / SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0)
|
6GK5774-1FY00-0TB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0)
|
6GK5774-1FX00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6)
|
6GK5774-1FX00-0AA6
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0)
|
6GK5774-1FX00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0)
|
6GK5774-1FX00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6)
Siemens / SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6)
|
6GK5774-1FX00-0AB6
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0)
Siemens / SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0)
|
6GK5778-1GY00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0)
Siemens / SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0)
|
6GK5778-1GY00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0)
Siemens / SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0)
|
6GK5778-1GY00-0TA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0)
Siemens / SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0)
|
6GK5778-1GY00-0TB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0)
Siemens / SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0)
|
6GK5786-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0)
Siemens / SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0)
|
6GK5786-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0)
|
6GK5786-2FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0)
|
6GK5786-2FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0)
|
6GK5786-2FC00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0)
Siemens / SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0)
|
6GK5786-2FE00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0)
Siemens / SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0)
|
6GK5786-2FE00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0)
Siemens / SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0)
|
6GK5786-2HC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0)
Siemens / SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0)
|
6GK5786-2HC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0)
Siemens / SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0)
|
6GK5788-1GD00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0)
Siemens / SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0)
|
6GK5788-1GD00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0)
Siemens / SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0)
|
6GK5788-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0)
Siemens / SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0)
|
6GK5788-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0)
Siemens / SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0)
|
6GK5788-2GD00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0)
Siemens / SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0)
|
6GK5788-2GD00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0)
|
6GK5788-2GD00-0TA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0)
|
6GK5788-2GD00-0TB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0)
|
6GK5788-2GD00-0TC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0)
|
6GK5788-2FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0)
|
6GK5788-2FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0)
|
6GK5788-2FC00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
6.5 (Medium)
Affected products
Known affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0)
Siemens / SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0)
|
6GK5721-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0)
Siemens / SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0)
|
6GK5721-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0)
|
6GK5722-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0)
|
6GK5722-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0)
|
6GK5722-1FC00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0)
|
6GK5734-1FX00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6)
|
6GK5734-1FX00-0AA6
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0)
|
6GK5734-1FX00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6)
Siemens / SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6)
|
6GK5734-1FX00-0AB6
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0)
Siemens / SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0)
|
6GK5738-1GY00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0)
Siemens / SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0)
|
6GK5738-1GY00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0)
Siemens / SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0)
|
6GK5748-1GD00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0)
Siemens / SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0)
|
6GK5748-1GD00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0)
Siemens / SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0)
|
6GK5748-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0)
Siemens / SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0)
|
6GK5748-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0)
Siemens / SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0)
|
6GK5761-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0)
Siemens / SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0)
|
6GK5761-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0)
Siemens / SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0)
|
6GK5774-1FY00-0TA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0)
Siemens / SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0)
|
6GK5774-1FY00-0TB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0)
|
6GK5774-1FX00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6)
|
6GK5774-1FX00-0AA6
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0)
|
6GK5774-1FX00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0)
|
6GK5774-1FX00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6)
Siemens / SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6)
|
6GK5774-1FX00-0AB6
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0)
Siemens / SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0)
|
6GK5778-1GY00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0)
Siemens / SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0)
|
6GK5778-1GY00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0)
Siemens / SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0)
|
6GK5778-1GY00-0TA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0)
Siemens / SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0)
|
6GK5778-1GY00-0TB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0)
Siemens / SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0)
|
6GK5786-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0)
Siemens / SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0)
|
6GK5786-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0)
|
6GK5786-2FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0)
|
6GK5786-2FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0)
|
6GK5786-2FC00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0)
Siemens / SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0)
|
6GK5786-2FE00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0)
Siemens / SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0)
|
6GK5786-2FE00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0)
Siemens / SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0)
|
6GK5786-2HC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0)
Siemens / SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0)
|
6GK5786-2HC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0)
Siemens / SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0)
|
6GK5788-1GD00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0)
Siemens / SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0)
|
6GK5788-1GD00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0)
Siemens / SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0)
|
6GK5788-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0)
Siemens / SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0)
|
6GK5788-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0)
Siemens / SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0)
|
6GK5788-2GD00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0)
Siemens / SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0)
|
6GK5788-2GD00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0)
|
6GK5788-2GD00-0TA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0)
|
6GK5788-2GD00-0TB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0)
|
6GK5788-2GD00-0TC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0)
|
6GK5788-2FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0)
|
6GK5788-2FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0)
|
6GK5788-2FC00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
6.5 (Medium)
Affected products
Known affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0)
Siemens / SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0)
|
6GK5721-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0)
Siemens / SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0)
|
6GK5721-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0)
|
6GK5722-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0)
|
6GK5722-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0)
|
6GK5722-1FC00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0)
|
6GK5734-1FX00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6)
|
6GK5734-1FX00-0AA6
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0)
|
6GK5734-1FX00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6)
Siemens / SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6)
|
6GK5734-1FX00-0AB6
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0)
Siemens / SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0)
|
6GK5738-1GY00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0)
Siemens / SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0)
|
6GK5738-1GY00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0)
Siemens / SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0)
|
6GK5748-1GD00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0)
Siemens / SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0)
|
6GK5748-1GD00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0)
Siemens / SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0)
|
6GK5748-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0)
Siemens / SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0)
|
6GK5748-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0)
Siemens / SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0)
|
6GK5761-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0)
Siemens / SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0)
|
6GK5761-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0)
Siemens / SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0)
|
6GK5774-1FY00-0TA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0)
Siemens / SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0)
|
6GK5774-1FY00-0TB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0)
|
6GK5774-1FX00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6)
|
6GK5774-1FX00-0AA6
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0)
|
6GK5774-1FX00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0)
|
6GK5774-1FX00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6)
Siemens / SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6)
|
6GK5774-1FX00-0AB6
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0)
Siemens / SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0)
|
6GK5778-1GY00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0)
Siemens / SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0)
|
6GK5778-1GY00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0)
Siemens / SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0)
|
6GK5778-1GY00-0TA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0)
Siemens / SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0)
|
6GK5778-1GY00-0TB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0)
Siemens / SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0)
|
6GK5786-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0)
Siemens / SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0)
|
6GK5786-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0)
|
6GK5786-2FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0)
|
6GK5786-2FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0)
|
6GK5786-2FC00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0)
Siemens / SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0)
|
6GK5786-2FE00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0)
Siemens / SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0)
|
6GK5786-2FE00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0)
Siemens / SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0)
|
6GK5786-2HC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0)
Siemens / SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0)
|
6GK5786-2HC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0)
Siemens / SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0)
|
6GK5788-1GD00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0)
Siemens / SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0)
|
6GK5788-1GD00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0)
Siemens / SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0)
|
6GK5788-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0)
Siemens / SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0)
|
6GK5788-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0)
Siemens / SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0)
|
6GK5788-2GD00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0)
Siemens / SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0)
|
6GK5788-2GD00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0)
|
6GK5788-2GD00-0TA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0)
|
6GK5788-2GD00-0TB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0)
|
6GK5788-2GD00-0TC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0)
|
6GK5788-2FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0)
|
6GK5788-2FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0)
|
6GK5788-2FC00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
6.5 (Medium)
Affected products
Known affected
58 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0)
Siemens / SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0)
|
6GK5721-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0)
Siemens / SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0)
|
6GK5721-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0)
|
6GK5722-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0)
|
6GK5722-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0)
|
6GK5722-1FC00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0)
|
6GK5734-1FX00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6)
|
6GK5734-1FX00-0AA6
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0)
|
6GK5734-1FX00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6)
Siemens / SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6)
|
6GK5734-1FX00-0AB6
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0)
Siemens / SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0)
|
6GK5738-1GY00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0)
Siemens / SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0)
|
6GK5738-1GY00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0)
Siemens / SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0)
|
6GK5748-1GD00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0)
Siemens / SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0)
|
6GK5748-1GD00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0)
Siemens / SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0)
|
6GK5748-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0)
Siemens / SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0)
|
6GK5748-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0)
Siemens / SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0)
|
6GK5761-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0)
Siemens / SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0)
|
6GK5761-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0)
Siemens / SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0)
|
6GK5774-1FY00-0TA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0)
Siemens / SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0)
|
6GK5774-1FY00-0TB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0)
|
6GK5774-1FX00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6)
|
6GK5774-1FX00-0AA6
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0)
|
6GK5774-1FX00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0)
|
6GK5774-1FX00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6)
Siemens / SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6)
|
6GK5774-1FX00-0AB6
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0)
Siemens / SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0)
|
6GK5778-1GY00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0)
Siemens / SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0)
|
6GK5778-1GY00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0)
Siemens / SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0)
|
6GK5778-1GY00-0TA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0)
Siemens / SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0)
|
6GK5778-1GY00-0TB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0)
Siemens / SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0)
|
6GK5786-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0)
Siemens / SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0)
|
6GK5786-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0)
|
6GK5786-2FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0)
|
6GK5786-2FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0)
|
6GK5786-2FC00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0)
Siemens / SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0)
|
6GK5786-2FE00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0)
Siemens / SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0)
|
6GK5786-2FE00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0)
Siemens / SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0)
|
6GK5786-2HC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0)
Siemens / SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0)
|
6GK5786-2HC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0)
Siemens / SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0)
|
6GK5788-1GD00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0)
Siemens / SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0)
|
6GK5788-1GD00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0)
Siemens / SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0)
|
6GK5788-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0)
Siemens / SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0)
|
6GK5788-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0)
Siemens / SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0)
|
6GK5788-2GD00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0)
Siemens / SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0)
|
6GK5788-2GD00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0)
|
6GK5788-2GD00-0TA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0)
|
6GK5788-2GD00-0TB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0)
|
6GK5788-2GD00-0TC0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0)
|
6GK5788-2FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0)
|
6GK5788-2FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0)
|
6GK5788-2FC00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:intdot/<1.2.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:intdot/<1.2.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:intdot/<1.2.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:intdot/<1.2.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:intdot/<1.2.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:intdot/<1.2.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:intdot/<1.2.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:intdot/<1.2.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:intdot/<1.2.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
6.5 (Medium)
Affected products
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:intdot/<1.2.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:intdot/<1.2.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:intdot/<1.2.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:intdot/<1.2.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:intdot/<1.2.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:intdot/<1.2.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:intdot/<1.2.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:intdot/<1.2.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:intdot/<1.2.0 |
Mitigation
Vendor Fix
fix
|
5.3 (Medium)
Affected products
Known affected
67 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE W1748-1 M12 (6GK5748-1GY01-0AA0)
Siemens / SCALANCE W1748-1 M12 (6GK5748-1GY01-0AA0)
|
6GK5748-1GY01-0AA0
|
vers:intdot/<3.0.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W1748-1 M12 (6GK5748-1GY01-0TA0)
Siemens / SCALANCE W1748-1 M12 (6GK5748-1GY01-0TA0)
|
6GK5748-1GY01-0TA0
|
vers:intdot/<3.0.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W1750D (JP) (6GK5750-2HX01-1AD0)
Siemens / SCALANCE W1750D (JP) (6GK5750-2HX01-1AD0)
|
6GK5750-2HX01-1AD0
|
vers:intdot/<8.7.1.3 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W1750D (ROW) (6GK5750-2HX01-1AA0)
Siemens / SCALANCE W1750D (ROW) (6GK5750-2HX01-1AA0)
|
6GK5750-2HX01-1AA0
|
vers:intdot/<8.7.1.3 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W1750D (USA) (6GK5750-2HX01-1AB0)
Siemens / SCALANCE W1750D (USA) (6GK5750-2HX01-1AB0)
|
6GK5750-2HX01-1AB0
|
vers:intdot/<8.7.1.3 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W1788-1 M12 (6GK5788-1GY01-0AA0)
Siemens / SCALANCE W1788-1 M12 (6GK5788-1GY01-0AA0)
|
6GK5788-1GY01-0AA0
|
vers:intdot/<3.0.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W1788-2 EEC M12 (6GK5788-2GY01-0TA0)
Siemens / SCALANCE W1788-2 EEC M12 (6GK5788-2GY01-0TA0)
|
6GK5788-2GY01-0TA0
|
vers:intdot/<3.0.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W1788-2 M12 (6GK5788-2GY01-0AA0)
Siemens / SCALANCE W1788-2 M12 (6GK5788-2GY01-0AA0)
|
6GK5788-2GY01-0AA0
|
vers:intdot/<3.0.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W1788-2IA M12 (6GK5788-2HY01-0AA0)
Siemens / SCALANCE W1788-2IA M12 (6GK5788-2HY01-0AA0)
|
6GK5788-2HY01-0AA0
|
vers:intdot/<3.0.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0)
Siemens / SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0)
|
6GK5721-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0)
Siemens / SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0)
|
6GK5721-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0)
|
6GK5722-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0)
|
6GK5722-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0)
|
6GK5722-1FC00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0)
|
6GK5734-1FX00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6)
|
6GK5734-1FX00-0AA6
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0)
|
6GK5734-1FX00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6)
Siemens / SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6)
|
6GK5734-1FX00-0AB6
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0)
Siemens / SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0)
|
6GK5738-1GY00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0)
Siemens / SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0)
|
6GK5738-1GY00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0)
Siemens / SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0)
|
6GK5748-1GD00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0)
Siemens / SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0)
|
6GK5748-1GD00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0)
Siemens / SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0)
|
6GK5748-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0)
Siemens / SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0)
|
6GK5748-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0)
Siemens / SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0)
|
6GK5761-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0)
Siemens / SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0)
|
6GK5761-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0)
Siemens / SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0)
|
6GK5774-1FY00-0TA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0)
Siemens / SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0)
|
6GK5774-1FY00-0TB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0)
|
6GK5774-1FX00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6)
|
6GK5774-1FX00-0AA6
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0)
|
6GK5774-1FX00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0)
|
6GK5774-1FX00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6)
Siemens / SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6)
|
6GK5774-1FX00-0AB6
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0)
Siemens / SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0)
|
6GK5778-1GY00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0)
Siemens / SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0)
|
6GK5778-1GY00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0)
Siemens / SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0)
|
6GK5778-1GY00-0TA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0)
Siemens / SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0)
|
6GK5778-1GY00-0TB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0)
Siemens / SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0)
|
6GK5786-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0)
Siemens / SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0)
|
6GK5786-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0)
|
6GK5786-2FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0)
|
6GK5786-2FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0)
|
6GK5786-2FC00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0)
Siemens / SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0)
|
6GK5786-2FE00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0)
Siemens / SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0)
|
6GK5786-2FE00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0)
Siemens / SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0)
|
6GK5786-2HC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0)
Siemens / SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0)
|
6GK5786-2HC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0)
Siemens / SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0)
|
6GK5788-1GD00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0)
Siemens / SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0)
|
6GK5788-1GD00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0)
Siemens / SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0)
|
6GK5788-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0)
Siemens / SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0)
|
6GK5788-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0)
Siemens / SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0)
|
6GK5788-2GD00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0)
Siemens / SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0)
|
6GK5788-2GD00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0)
|
6GK5788-2GD00-0TA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0)
|
6GK5788-2GD00-0TB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0)
|
6GK5788-2GD00-0TC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0)
|
6GK5788-2FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0)
|
6GK5788-2FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0)
|
6GK5788-2FC00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
Siemens / SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)
|
6GK5763-1AL00-7DA0
|
vers:intdot/<1.2.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
Siemens / SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)
|
6GK5766-1GE00-7DA0
|
vers:intdot/<1.2.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
Siemens / SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)
|
6GK5766-1GE00-7DB0
|
vers:intdot/<1.2.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
Siemens / SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)
|
6GK5766-1GE00-7TA0
|
vers:intdot/<1.2.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
Siemens / SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)
|
6GK5766-1GE00-7TB0
|
vers:intdot/<1.2.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)
|
6GK5763-1AL00-3AA0
|
vers:intdot/<1.2.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
Siemens / SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)
|
6GK5763-1AL00-3DA0
|
vers:intdot/<1.2.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
Siemens / SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)
|
6GK5766-1GE00-3DA0
|
vers:intdot/<1.2.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
Siemens / SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)
|
6GK5766-1GE00-3DB0
|
vers:intdot/<1.2.0 |
Mitigation
Vendor Fix
fix
|
5.4 (Medium)
Affected products
Known affected
55 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE W1748-1 M12 (6GK5748-1GY01-0AA0)
Siemens / SCALANCE W1748-1 M12 (6GK5748-1GY01-0AA0)
|
6GK5748-1GY01-0AA0
|
vers:intdot/<3.0.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W1748-1 M12 (6GK5748-1GY01-0TA0)
Siemens / SCALANCE W1748-1 M12 (6GK5748-1GY01-0TA0)
|
6GK5748-1GY01-0TA0
|
vers:intdot/<3.0.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W1788-1 M12 (6GK5788-1GY01-0AA0)
Siemens / SCALANCE W1788-1 M12 (6GK5788-1GY01-0AA0)
|
6GK5788-1GY01-0AA0
|
vers:intdot/<3.0.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W1788-2 EEC M12 (6GK5788-2GY01-0TA0)
Siemens / SCALANCE W1788-2 EEC M12 (6GK5788-2GY01-0TA0)
|
6GK5788-2GY01-0TA0
|
vers:intdot/<3.0.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W1788-2 M12 (6GK5788-2GY01-0AA0)
Siemens / SCALANCE W1788-2 M12 (6GK5788-2GY01-0AA0)
|
6GK5788-2GY01-0AA0
|
vers:intdot/<3.0.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W1788-2IA M12 (6GK5788-2HY01-0AA0)
Siemens / SCALANCE W1788-2IA M12 (6GK5788-2HY01-0AA0)
|
6GK5788-2HY01-0AA0
|
vers:intdot/<3.0.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0)
Siemens / SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0)
|
6GK5721-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0)
Siemens / SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0)
|
6GK5721-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0)
|
6GK5722-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0)
|
6GK5722-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0)
|
6GK5722-1FC00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0)
|
6GK5734-1FX00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6)
|
6GK5734-1FX00-0AA6
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0)
|
6GK5734-1FX00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6)
Siemens / SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6)
|
6GK5734-1FX00-0AB6
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0)
Siemens / SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0)
|
6GK5738-1GY00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0)
Siemens / SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0)
|
6GK5738-1GY00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0)
Siemens / SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0)
|
6GK5748-1GD00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0)
Siemens / SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0)
|
6GK5748-1GD00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0)
Siemens / SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0)
|
6GK5748-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0)
Siemens / SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0)
|
6GK5748-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0)
Siemens / SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0)
|
6GK5761-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0)
Siemens / SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0)
|
6GK5761-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0)
Siemens / SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0)
|
6GK5774-1FY00-0TA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0)
Siemens / SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0)
|
6GK5774-1FY00-0TB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0)
|
6GK5774-1FX00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6)
|
6GK5774-1FX00-0AA6
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0)
|
6GK5774-1FX00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0)
|
6GK5774-1FX00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6)
Siemens / SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6)
|
6GK5774-1FX00-0AB6
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0)
Siemens / SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0)
|
6GK5778-1GY00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0)
Siemens / SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0)
|
6GK5778-1GY00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0)
Siemens / SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0)
|
6GK5778-1GY00-0TA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0)
Siemens / SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0)
|
6GK5778-1GY00-0TB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0)
Siemens / SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0)
|
6GK5786-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0)
Siemens / SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0)
|
6GK5786-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0)
|
6GK5786-2FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0)
|
6GK5786-2FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0)
|
6GK5786-2FC00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0)
Siemens / SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0)
|
6GK5786-2FE00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0)
Siemens / SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0)
|
6GK5786-2FE00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0)
Siemens / SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0)
|
6GK5786-2HC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0)
Siemens / SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0)
|
6GK5786-2HC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0)
Siemens / SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0)
|
6GK5788-1GD00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0)
Siemens / SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0)
|
6GK5788-1GD00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0)
Siemens / SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0)
|
6GK5788-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0)
Siemens / SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0)
|
6GK5788-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0)
Siemens / SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0)
|
6GK5788-2GD00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0)
Siemens / SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0)
|
6GK5788-2GD00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0)
|
6GK5788-2GD00-0TA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0)
|
6GK5788-2GD00-0TB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0)
|
6GK5788-2GD00-0TC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0)
|
6GK5788-2FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0)
|
6GK5788-2FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0)
|
6GK5788-2FC00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
References
29 references
Acknowledgments
Siemens ProductCERT
{
"document": {
"acknowledgments": [
{
"organization": "Siemens ProductCERT",
"summary": "reported these vulnerabilities to CISA."
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://www.cisa.gov/news-events/news/traffic-light-protocol-tlp-definitions-and-usage"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Twelve vulnerabilities in the implementation of frame aggregation and fragmentation of the 802.11 standard, under the name of FragAttacks, have been published.\n\nSuccessful exploitation of these vulnerabilities could allow an attacker within Wi-Fi range to forge encrypted frames, which could result in sensitive data disclosure and possibly traffic manipulation.\n\nThe advised Siemens products are only affected by some of the published vulnerabilities.\n\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where fixes are not, or not yet available.",
"title": "Summary"
},
{
"category": "general",
"text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"title": "General Recommendations"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.",
"title": "Terms of Use"
},
{
"category": "legal_disclaimer",
"text": "This product is provided subject to this Notification (https://www.cisa.gov/notification) and this Privacy \u0026 Use policy (https://www.cisa.gov/privacy-policy).",
"title": "Legal Notice and Terms of Use"
},
{
"category": "other",
"text": "This ICSA is a verbatim republication of Siemens ProductCERT SSA-913875 from a direct conversion of the vendor\u0027s Common Security Advisory Framework (CSAF) advisory. This is republished to CISA\u0027s website as a means of increasing visibility and is provided \"as-is\" for informational purposes only. CISA is not responsible for the editorial or technical accuracy of republished advisories and provides no warranties of any kind regarding any information contained within this advisory. Further, CISA does not endorse any commercial product or service. Please contact Siemens ProductCERT directly for any questions regarding this advisory.",
"title": "Advisory Conversion Disclaimer"
},
{
"category": "other",
"text": "Critical Manufacturing, Transportation Systems, Energy, Healthcare and Public Health, Financial Services, Government Services and Facilities",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Germany",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Locate control system networks and remote devices behind firewalls and isolate them from business networks.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
}
],
"publisher": {
"category": "other",
"contact_details": "central@cisa.dhs.gov",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "SSA-913875: Frame Aggregation and Fragmentation Vulnerabilities in 802.11 - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-913875.json"
},
{
"category": "self",
"summary": "SSA-913875: Frame Aggregation and Fragmentation Vulnerabilities in 802.11 - HTML Version",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-913875.html"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-22-104-04 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2022/icsa-22-104-04.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-22-104-04 - Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-104-04"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/news-events/ics-alerts/ics-alert-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/topics/industrial-control-systems"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/news-events/news/targeted-cyber-intrusion-detection-and-mitigation-strategies-update-b"
}
],
"title": "Siemens SCALANCE FragAttacks",
"tracking": {
"current_release_date": "2026-04-16T06:00:00.000000Z",
"generator": {
"date": "2026-04-15T16:33:41.944929Z",
"engine": {
"name": "CISA CSAF Generator",
"version": "1.5.0"
}
},
"id": "ICSA-22-104-04",
"initial_release_date": "2021-07-13T00:00:00.000000Z",
"revision_history": [
{
"date": "2021-07-13T00:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "Publication Date"
},
{
"date": "2021-10-12T00:00:00.000000Z",
"legacy_version": "Additional Release 1",
"number": "2",
"summary": "Added fix for SCALANCE W1750D"
},
{
"date": "2022-02-08T00:00:00.000000Z",
"legacy_version": "Additional Release 2",
"number": "3",
"summary": "Added fix for SCALANCE W-700 IEEE 802.11ax family; updated name and split into individual products the SCALANCE W-700 and SCALANCE W-1700 families; clarified that no fix is planned for SCALANCE W-700 IEEE 802.11n and SCALANCE W-1700 IEEE 802.11ac families"
},
{
"date": "2022-04-12T00:00:00.000000Z",
"legacy_version": "Additional Release 3",
"number": "4",
"summary": "Added fix for SCALANCE W-1700 IEEE 802.11ac family"
},
{
"date": "2025-04-08T00:00:00.000000Z",
"legacy_version": "Additional Release 4",
"number": "5",
"summary": "Clarified fix version information for SCALANCE W-700 IEEE 802.11ax family"
},
{
"date": "2025-05-06T06:00:00.000000Z",
"legacy_version": "Additional Release 5",
"number": "6",
"summary": "CISA Republication - Revision - Fixing typos"
},
{
"date": "2026-04-14T00:00:00.000000Z",
"legacy_version": "Additional Release 6",
"number": "7",
"summary": "Added fix for SCALANCE W-700 IEEE 802.11n family"
},
{
"date": "2026-04-16T06:00:00.000000Z",
"legacy_version": "Latest Updated CISA Republication",
"number": "8",
"summary": "CISA Republication update based on Siemens ProductCERT SSA-913875 advisory"
}
],
"status": "final",
"version": "8"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c3.0.0",
"product": {
"name": "SCALANCE W1748-1 M12 (6GK5748-1GY01-0AA0)",
"product_id": "CSAFPID-0001",
"product_identification_helper": {
"model_numbers": [
"6GK5748-1GY01-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W1748-1 M12 (6GK5748-1GY01-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c3.0.0",
"product": {
"name": "SCALANCE W1748-1 M12 (6GK5748-1GY01-0TA0)",
"product_id": "CSAFPID-0002",
"product_identification_helper": {
"model_numbers": [
"6GK5748-1GY01-0TA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W1748-1 M12 (6GK5748-1GY01-0TA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c8.7.1.3",
"product": {
"name": "SCALANCE W1750D (JP) (6GK5750-2HX01-1AD0)",
"product_id": "CSAFPID-0003",
"product_identification_helper": {
"model_numbers": [
"6GK5750-2HX01-1AD0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W1750D (JP) (6GK5750-2HX01-1AD0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c8.7.1.3",
"product": {
"name": "SCALANCE W1750D (ROW) (6GK5750-2HX01-1AA0)",
"product_id": "CSAFPID-0004",
"product_identification_helper": {
"model_numbers": [
"6GK5750-2HX01-1AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W1750D (ROW) (6GK5750-2HX01-1AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c8.7.1.3",
"product": {
"name": "SCALANCE W1750D (USA) (6GK5750-2HX01-1AB0)",
"product_id": "CSAFPID-0005",
"product_identification_helper": {
"model_numbers": [
"6GK5750-2HX01-1AB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W1750D (USA) (6GK5750-2HX01-1AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c3.0.0",
"product": {
"name": "SCALANCE W1788-1 M12 (6GK5788-1GY01-0AA0)",
"product_id": "CSAFPID-0006",
"product_identification_helper": {
"model_numbers": [
"6GK5788-1GY01-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W1788-1 M12 (6GK5788-1GY01-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c3.0.0",
"product": {
"name": "SCALANCE W1788-2 EEC M12 (6GK5788-2GY01-0TA0)",
"product_id": "CSAFPID-0007",
"product_identification_helper": {
"model_numbers": [
"6GK5788-2GY01-0TA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W1788-2 EEC M12 (6GK5788-2GY01-0TA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c3.0.0",
"product": {
"name": "SCALANCE W1788-2 M12 (6GK5788-2GY01-0AA0)",
"product_id": "CSAFPID-0008",
"product_identification_helper": {
"model_numbers": [
"6GK5788-2GY01-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W1788-2 M12 (6GK5788-2GY01-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c3.0.0",
"product": {
"name": "SCALANCE W1788-2IA M12 (6GK5788-2HY01-0AA0)",
"product_id": "CSAFPID-0009",
"product_identification_helper": {
"model_numbers": [
"6GK5788-2HY01-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W1788-2IA M12 (6GK5788-2HY01-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0)",
"product_id": "CSAFPID-0010",
"product_identification_helper": {
"model_numbers": [
"6GK5721-1FC00-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0)",
"product_id": "CSAFPID-0011",
"product_identification_helper": {
"model_numbers": [
"6GK5721-1FC00-0AB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0)",
"product_id": "CSAFPID-0012",
"product_identification_helper": {
"model_numbers": [
"6GK5722-1FC00-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0)",
"product_id": "CSAFPID-0013",
"product_identification_helper": {
"model_numbers": [
"6GK5722-1FC00-0AB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0)",
"product_id": "CSAFPID-0014",
"product_identification_helper": {
"model_numbers": [
"6GK5722-1FC00-0AC0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0)",
"product_id": "CSAFPID-0015",
"product_identification_helper": {
"model_numbers": [
"6GK5734-1FX00-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6)",
"product_id": "CSAFPID-0016",
"product_identification_helper": {
"model_numbers": [
"6GK5734-1FX00-0AA6"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0)",
"product_id": "CSAFPID-0017",
"product_identification_helper": {
"model_numbers": [
"6GK5734-1FX00-0AB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6)",
"product_id": "CSAFPID-0018",
"product_identification_helper": {
"model_numbers": [
"6GK5734-1FX00-0AB6"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0)",
"product_id": "CSAFPID-0019",
"product_identification_helper": {
"model_numbers": [
"6GK5738-1GY00-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0)",
"product_id": "CSAFPID-0020",
"product_identification_helper": {
"model_numbers": [
"6GK5738-1GY00-0AB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0)",
"product_id": "CSAFPID-0021",
"product_identification_helper": {
"model_numbers": [
"6GK5748-1GD00-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0)",
"product_id": "CSAFPID-0022",
"product_identification_helper": {
"model_numbers": [
"6GK5748-1GD00-0AB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0)",
"product_id": "CSAFPID-0023",
"product_identification_helper": {
"model_numbers": [
"6GK5748-1FC00-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0)",
"product_id": "CSAFPID-0024",
"product_identification_helper": {
"model_numbers": [
"6GK5748-1FC00-0AB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0)",
"product_id": "CSAFPID-0025",
"product_identification_helper": {
"model_numbers": [
"6GK5761-1FC00-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0)",
"product_id": "CSAFPID-0026",
"product_identification_helper": {
"model_numbers": [
"6GK5761-1FC00-0AB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0)",
"product_id": "CSAFPID-0027",
"product_identification_helper": {
"model_numbers": [
"6GK5774-1FY00-0TA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0)",
"product_id": "CSAFPID-0028",
"product_identification_helper": {
"model_numbers": [
"6GK5774-1FY00-0TB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0)",
"product_id": "CSAFPID-0029",
"product_identification_helper": {
"model_numbers": [
"6GK5774-1FX00-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6)",
"product_id": "CSAFPID-0030",
"product_identification_helper": {
"model_numbers": [
"6GK5774-1FX00-0AA6"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0)",
"product_id": "CSAFPID-0031",
"product_identification_helper": {
"model_numbers": [
"6GK5774-1FX00-0AB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0)",
"product_id": "CSAFPID-0032",
"product_identification_helper": {
"model_numbers": [
"6GK5774-1FX00-0AC0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6)",
"product_id": "CSAFPID-0033",
"product_identification_helper": {
"model_numbers": [
"6GK5774-1FX00-0AB6"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0)",
"product_id": "CSAFPID-0034",
"product_identification_helper": {
"model_numbers": [
"6GK5778-1GY00-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0)",
"product_id": "CSAFPID-0035",
"product_identification_helper": {
"model_numbers": [
"6GK5778-1GY00-0AB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0)",
"product_id": "CSAFPID-0036",
"product_identification_helper": {
"model_numbers": [
"6GK5778-1GY00-0TA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0)",
"product_id": "CSAFPID-0037",
"product_identification_helper": {
"model_numbers": [
"6GK5778-1GY00-0TB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0)",
"product_id": "CSAFPID-0038",
"product_identification_helper": {
"model_numbers": [
"6GK5786-1FC00-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0)",
"product_id": "CSAFPID-0039",
"product_identification_helper": {
"model_numbers": [
"6GK5786-1FC00-0AB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0)",
"product_id": "CSAFPID-0040",
"product_identification_helper": {
"model_numbers": [
"6GK5786-2FC00-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0)",
"product_id": "CSAFPID-0041",
"product_identification_helper": {
"model_numbers": [
"6GK5786-2FC00-0AB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0)",
"product_id": "CSAFPID-0042",
"product_identification_helper": {
"model_numbers": [
"6GK5786-2FC00-0AC0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0)",
"product_id": "CSAFPID-0043",
"product_identification_helper": {
"model_numbers": [
"6GK5786-2FE00-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0)",
"product_id": "CSAFPID-0044",
"product_identification_helper": {
"model_numbers": [
"6GK5786-2FE00-0AB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0)",
"product_id": "CSAFPID-0045",
"product_identification_helper": {
"model_numbers": [
"6GK5786-2HC00-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0)",
"product_id": "CSAFPID-0046",
"product_identification_helper": {
"model_numbers": [
"6GK5786-2HC00-0AB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0)",
"product_id": "CSAFPID-0047",
"product_identification_helper": {
"model_numbers": [
"6GK5788-1GD00-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0)",
"product_id": "CSAFPID-0048",
"product_identification_helper": {
"model_numbers": [
"6GK5788-1GD00-0AB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0)",
"product_id": "CSAFPID-0049",
"product_identification_helper": {
"model_numbers": [
"6GK5788-1FC00-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0)",
"product_id": "CSAFPID-0050",
"product_identification_helper": {
"model_numbers": [
"6GK5788-1FC00-0AB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0)",
"product_id": "CSAFPID-0051",
"product_identification_helper": {
"model_numbers": [
"6GK5788-2GD00-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0)",
"product_id": "CSAFPID-0052",
"product_identification_helper": {
"model_numbers": [
"6GK5788-2GD00-0AB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0)",
"product_id": "CSAFPID-0053",
"product_identification_helper": {
"model_numbers": [
"6GK5788-2GD00-0TA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0)",
"product_id": "CSAFPID-0054",
"product_identification_helper": {
"model_numbers": [
"6GK5788-2GD00-0TB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0)",
"product_id": "CSAFPID-0055",
"product_identification_helper": {
"model_numbers": [
"6GK5788-2GD00-0TC0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0)",
"product_id": "CSAFPID-0056",
"product_identification_helper": {
"model_numbers": [
"6GK5788-2FC00-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0)",
"product_id": "CSAFPID-0057",
"product_identification_helper": {
"model_numbers": [
"6GK5788-2FC00-0AB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0)",
"product_id": "CSAFPID-0058",
"product_identification_helper": {
"model_numbers": [
"6GK5788-2FC00-0AC0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c1.2.0",
"product": {
"name": "SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)",
"product_id": "CSAFPID-0059",
"product_identification_helper": {
"model_numbers": [
"6GK5763-1AL00-7DA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c1.2.0",
"product": {
"name": "SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)",
"product_id": "CSAFPID-0060",
"product_identification_helper": {
"model_numbers": [
"6GK5766-1GE00-7DA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WAM766-1 (6GK5766-1GE00-7DA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c1.2.0",
"product": {
"name": "SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)",
"product_id": "CSAFPID-0061",
"product_identification_helper": {
"model_numbers": [
"6GK5766-1GE00-7DB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c1.2.0",
"product": {
"name": "SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)",
"product_id": "CSAFPID-0062",
"product_identification_helper": {
"model_numbers": [
"6GK5766-1GE00-7TA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c1.2.0",
"product": {
"name": "SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)",
"product_id": "CSAFPID-0063",
"product_identification_helper": {
"model_numbers": [
"6GK5766-1GE00-7TB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c1.2.0",
"product": {
"name": "SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)",
"product_id": "CSAFPID-0064",
"product_identification_helper": {
"model_numbers": [
"6GK5763-1AL00-3AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c1.2.0",
"product": {
"name": "SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)",
"product_id": "CSAFPID-0065",
"product_identification_helper": {
"model_numbers": [
"6GK5763-1AL00-3DA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c1.2.0",
"product": {
"name": "SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)",
"product_id": "CSAFPID-0066",
"product_identification_helper": {
"model_numbers": [
"6GK5766-1GE00-3DA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WUM766-1 (6GK5766-1GE00-3DA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c1.2.0",
"product": {
"name": "SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)",
"product_id": "CSAFPID-0067",
"product_identification_helper": {
"model_numbers": [
"6GK5766-1GE00-3DB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0)"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-24588",
"cwe": {
"id": "CWE-306",
"name": "Missing Authentication for Critical Function"
},
"notes": [
{
"category": "summary",
"text": "The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn\u0027t require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary network packets.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0066",
"CSAFPID-0067"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24588"
},
{
"category": "external",
"summary": "cwe.mitre.org",
"url": "https://cwe.mitre.org/data/definitions/306.html"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "As these vulnerabilities can only be exploited within Wi-Fi range, when possible reduce Wi-Fi transmission power or make sure to have the devices in private areas with physical access controls",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0066",
"CSAFPID-0067"
]
},
{
"category": "mitigation",
"details": "Disable A-MSDU, if possible",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0066",
"CSAFPID-0067"
]
},
{
"category": "vendor_fix",
"details": "Update to V1.2.0 or later version",
"product_ids": [
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0066",
"CSAFPID-0067"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109805887/"
},
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109808629/"
},
{
"category": "vendor_fix",
"details": "Update to V6.6.0 or later version",
"product_ids": [
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109996102/"
},
{
"category": "vendor_fix",
"details": "Update to V8.7.1.3 or later version",
"product_ids": [
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109802805/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0066",
"CSAFPID-0067"
]
}
],
"title": "CVE-2020-24588"
},
{
"cve": "CVE-2020-26139",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients and makes it easier to exploit other vulnerabilities in connected clients.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0066",
"CSAFPID-0067"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26139"
},
{
"category": "external",
"summary": "cwe.mitre.org",
"url": "https://cwe.mitre.org/data/definitions/287.html"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "As these vulnerabilities can only be exploited within Wi-Fi range, when possible reduce Wi-Fi transmission power or make sure to have the devices in private areas with physical access controls",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0066",
"CSAFPID-0067"
]
},
{
"category": "vendor_fix",
"details": "Update to V1.2.0 or later version",
"product_ids": [
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0066",
"CSAFPID-0067"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109805887/"
},
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109808629/"
},
{
"category": "vendor_fix",
"details": "Update to V6.6.0 or later version",
"product_ids": [
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109996102/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0066",
"CSAFPID-0067"
]
}
],
"title": "CVE-2020-26139"
},
{
"cve": "CVE-2020-26140",
"cwe": {
"id": "CWE-74",
"name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26140"
},
{
"category": "external",
"summary": "cwe.mitre.org",
"url": "https://cwe.mitre.org/data/definitions/74.html"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "As these vulnerabilities can only be exploited within Wi-Fi range, when possible reduce Wi-Fi transmission power or make sure to have the devices in private areas with physical access controls",
"product_ids": [
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058"
]
},
{
"category": "vendor_fix",
"details": "Update to V6.6.0 or later version",
"product_ids": [
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109996102/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058"
]
}
],
"title": "CVE-2020-26140"
},
{
"cve": "CVE-2020-26141",
"cwe": {
"id": "CWE-354",
"name": "Improper Validation of Integrity Check Value"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The Wi-Fi implementation does not verify the Message Integrity Check (authenticity) of fragmented TKIP frames. An adversary can abuse this to inject and possibly decrypt packets in WPA or WPA2 networks that support the TKIP data-confidentiality protocol.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26141"
},
{
"category": "external",
"summary": "cwe.mitre.org",
"url": "https://cwe.mitre.org/data/definitions/354.html"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "As these vulnerabilities can only be exploited within Wi-Fi range, when possible reduce Wi-Fi transmission power or make sure to have the devices in private areas with physical access controls",
"product_ids": [
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058"
]
},
{
"category": "vendor_fix",
"details": "Update to V6.6.0 or later version",
"product_ids": [
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109996102/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058"
]
}
],
"title": "CVE-2020-26141"
},
{
"cve": "CVE-2020-26143",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in the ALFA Windows 10 driver 1030.36.604 for AWUS036ACH. The WEP, WPA, WPA2, and WPA3 implementations accept fragmented plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26143"
},
{
"category": "external",
"summary": "cwe.mitre.org",
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "As these vulnerabilities can only be exploited within Wi-Fi range, when possible reduce Wi-Fi transmission power or make sure to have the devices in private areas with physical access controls",
"product_ids": [
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058"
]
},
{
"category": "vendor_fix",
"details": "Update to V6.6.0 or later version",
"product_ids": [
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109996102/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058"
]
}
],
"title": "CVE-2020-26143"
},
{
"cve": "CVE-2020-26144",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext A-MSDU frames as long as the first 8 bytes correspond to a valid RFC1042 (i.e., LLC/SNAP) header for EAPOL. An adversary can abuse this to inject arbitrary network packets independent of the network configuration.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0066",
"CSAFPID-0067"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26144"
},
{
"category": "external",
"summary": "cwe.mitre.org",
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "As these vulnerabilities can only be exploited within Wi-Fi range, when possible reduce Wi-Fi transmission power or make sure to have the devices in private areas with physical access controls",
"product_ids": [
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0066",
"CSAFPID-0067"
]
},
{
"category": "mitigation",
"details": "Disable A-MSDU, if possible",
"product_ids": [
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0066",
"CSAFPID-0067"
]
},
{
"category": "vendor_fix",
"details": "Update to V1.2.0 or later version",
"product_ids": [
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0066",
"CSAFPID-0067"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109805887/"
},
{
"category": "vendor_fix",
"details": "Update to V6.6.0 or later version",
"product_ids": [
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109996102/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0066",
"CSAFPID-0067"
]
}
],
"title": "CVE-2020-26144"
},
{
"cve": "CVE-2020-26145",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept second (or subsequent) broadcast fragments even when sent in plaintext and process them as full unfragmented frames. An adversary can abuse this to inject arbitrary network packets independent of the network configuration.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0066",
"CSAFPID-0067"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26145"
},
{
"category": "external",
"summary": "cwe.mitre.org",
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "As these vulnerabilities can only be exploited within Wi-Fi range, when possible reduce Wi-Fi transmission power or make sure to have the devices in private areas with physical access controls",
"product_ids": [
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0066",
"CSAFPID-0067"
]
},
{
"category": "vendor_fix",
"details": "Update to V1.2.0 or later version",
"product_ids": [
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0066",
"CSAFPID-0067"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109805887/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0066",
"CSAFPID-0067"
]
}
],
"title": "CVE-2020-26145"
},
{
"cve": "CVE-2020-26146",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WPA, WPA2, and WPA3 implementations reassemble fragments with non-consecutive packet numbers. An adversary can abuse this to exfiltrate selected fragments. This vulnerability is exploitable when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used. Note that WEP is vulnerable to this attack by design.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0066",
"CSAFPID-0067"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26146"
},
{
"category": "external",
"summary": "cwe.mitre.org",
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "As these vulnerabilities can only be exploited within Wi-Fi range, when possible reduce Wi-Fi transmission power or make sure to have the devices in private areas with physical access controls",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0066",
"CSAFPID-0067"
]
},
{
"category": "vendor_fix",
"details": "Update to V1.2.0 or later version",
"product_ids": [
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0066",
"CSAFPID-0067"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109805887/"
},
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109808629/"
},
{
"category": "vendor_fix",
"details": "Update to V6.6.0 or later version",
"product_ids": [
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109996102/"
},
{
"category": "vendor_fix",
"details": "Update to V8.7.1.3 or later version",
"product_ids": [
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109802805/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058",
"CSAFPID-0059",
"CSAFPID-0060",
"CSAFPID-0061",
"CSAFPID-0062",
"CSAFPID-0063",
"CSAFPID-0064",
"CSAFPID-0065",
"CSAFPID-0066",
"CSAFPID-0067"
]
}
],
"title": "CVE-2020-26146"
},
{
"cve": "CVE-2020-26147",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in the Linux kernel 5.8.9. The WEP, WPA, WPA2, and WPA3 implementations reassemble fragments even though some of them were sent in plaintext. This vulnerability can be abused to inject packets and/or exfiltrate selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26147"
},
{
"category": "external",
"summary": "cwe.mitre.org",
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "As these vulnerabilities can only be exploited within Wi-Fi range, when possible reduce Wi-Fi transmission power or make sure to have the devices in private areas with physical access controls",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058"
]
},
{
"category": "vendor_fix",
"details": "Update to V3.0.0 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109808629/"
},
{
"category": "vendor_fix",
"details": "Update to V6.6.0 or later version",
"product_ids": [
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109996102/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049",
"CSAFPID-0050",
"CSAFPID-0051",
"CSAFPID-0052",
"CSAFPID-0053",
"CSAFPID-0054",
"CSAFPID-0055",
"CSAFPID-0056",
"CSAFPID-0057",
"CSAFPID-0058"
]
}
],
"title": "CVE-2020-26147"
}
]
}
ICSA-26-111-07
Vulnerability from csaf_cisa - Published: 2026-04-14 00:00 - Updated: 2026-04-21 06:00Summary
Siemens SCALANCE
Notes
Summary: SCALANCE W-700 IEEE 802.11n family before V6.6.0 are affected by multiple vulnerabilities.
Siemens has released a new version for SCALANCE W-700 IEEE 802.11n family and recommends to update to the latest version.
General Recommendations: As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources: For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use: The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.
Legal Notice and Terms of Use: This product is provided subject to this Notification (https://www.cisa.gov/notification) and this Privacy & Use policy (https://www.cisa.gov/privacy-policy).
Advisory Conversion Disclaimer: This ICSA is a verbatim republication of Siemens ProductCERT SSA-019200 from a direct conversion of the vendor's Common Security Advisory Framework (CSAF) advisory. This is republished to CISA's website as a means of increasing visibility and is provided "as-is" for informational purposes only. CISA is not responsible for the editorial or technical accuracy of republished advisories and provides no warranties of any kind regarding any information contained within this advisory. Further, CISA does not endorse any commercial product or service. Please contact Siemens ProductCERT directly for any questions regarding this advisory.
Critical infrastructure sectors: Communications, Information Technology, Critical Manufacturing
Countries/areas deployed: Worldwide
Company headquarters location: Germany
Recommended Practices: CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.
Recommended Practices: Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.
Recommended Practices: Locate control system networks and remote devices behind firewalls and isolate them from business networks.
Recommended Practices: When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.
Recommended Practices: CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices: CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices: CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices: Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
CWE-306
- Missing Authentication for Critical Function
Affected products
Known affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0)
Siemens / SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0)
|
6GK5721-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0)
Siemens / SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0)
|
6GK5721-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0)
|
6GK5722-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0)
|
6GK5722-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0)
|
6GK5722-1FC00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0)
|
6GK5734-1FX00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6)
|
6GK5734-1FX00-0AA6
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0)
|
6GK5734-1FX00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6)
Siemens / SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6)
|
6GK5734-1FX00-0AB6
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0)
Siemens / SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0)
|
6GK5738-1GY00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0)
Siemens / SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0)
|
6GK5738-1GY00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0)
Siemens / SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0)
|
6GK5748-1GD00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0)
Siemens / SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0)
|
6GK5748-1GD00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0)
Siemens / SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0)
|
6GK5748-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0)
Siemens / SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0)
|
6GK5748-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0)
Siemens / SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0)
|
6GK5761-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0)
Siemens / SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0)
|
6GK5761-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0)
Siemens / SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0)
|
6GK5774-1FY00-0TA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0)
Siemens / SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0)
|
6GK5774-1FY00-0TB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0)
|
6GK5774-1FX00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6)
|
6GK5774-1FX00-0AA6
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0)
|
6GK5774-1FX00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0)
|
6GK5774-1FX00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6)
Siemens / SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6)
|
6GK5774-1FX00-0AB6
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0)
Siemens / SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0)
|
6GK5778-1GY00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0)
Siemens / SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0)
|
6GK5778-1GY00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0)
Siemens / SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0)
|
6GK5778-1GY00-0TA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0)
Siemens / SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0)
|
6GK5778-1GY00-0TB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0)
Siemens / SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0)
|
6GK5786-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0)
Siemens / SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0)
|
6GK5786-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0)
|
6GK5786-2FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0)
|
6GK5786-2FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0)
|
6GK5786-2FC00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0)
Siemens / SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0)
|
6GK5786-2FE00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0)
Siemens / SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0)
|
6GK5786-2FE00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0)
Siemens / SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0)
|
6GK5786-2HC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0)
Siemens / SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0)
|
6GK5786-2HC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0)
Siemens / SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0)
|
6GK5788-1GD00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0)
Siemens / SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0)
|
6GK5788-1GD00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0)
Siemens / SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0)
|
6GK5788-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0)
Siemens / SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0)
|
6GK5788-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0)
Siemens / SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0)
|
6GK5788-2GD00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0)
Siemens / SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0)
|
6GK5788-2GD00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0)
|
6GK5788-2GD00-0TA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0)
|
6GK5788-2GD00-0TB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0)
|
6GK5788-2GD00-0TC0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0)
|
6GK5788-2FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0)
|
6GK5788-2FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0)
|
6GK5788-2FC00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Mitigation
Vendor Fix
fix
|
5.3 (Medium)
Affected products
Known affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0)
Siemens / SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0)
|
6GK5721-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0)
Siemens / SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0)
|
6GK5721-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0)
|
6GK5722-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0)
|
6GK5722-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0)
|
6GK5722-1FC00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0)
|
6GK5734-1FX00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6)
|
6GK5734-1FX00-0AA6
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0)
|
6GK5734-1FX00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6)
Siemens / SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6)
|
6GK5734-1FX00-0AB6
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0)
Siemens / SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0)
|
6GK5738-1GY00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0)
Siemens / SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0)
|
6GK5738-1GY00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0)
Siemens / SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0)
|
6GK5748-1GD00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0)
Siemens / SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0)
|
6GK5748-1GD00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0)
Siemens / SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0)
|
6GK5748-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0)
Siemens / SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0)
|
6GK5748-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0)
Siemens / SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0)
|
6GK5761-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0)
Siemens / SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0)
|
6GK5761-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0)
Siemens / SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0)
|
6GK5774-1FY00-0TA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0)
Siemens / SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0)
|
6GK5774-1FY00-0TB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0)
|
6GK5774-1FX00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6)
|
6GK5774-1FX00-0AA6
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0)
|
6GK5774-1FX00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0)
|
6GK5774-1FX00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6)
Siemens / SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6)
|
6GK5774-1FX00-0AB6
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0)
Siemens / SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0)
|
6GK5778-1GY00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0)
Siemens / SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0)
|
6GK5778-1GY00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0)
Siemens / SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0)
|
6GK5778-1GY00-0TA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0)
Siemens / SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0)
|
6GK5778-1GY00-0TB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0)
Siemens / SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0)
|
6GK5786-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0)
Siemens / SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0)
|
6GK5786-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0)
|
6GK5786-2FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0)
|
6GK5786-2FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0)
|
6GK5786-2FC00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0)
Siemens / SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0)
|
6GK5786-2FE00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0)
Siemens / SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0)
|
6GK5786-2FE00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0)
Siemens / SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0)
|
6GK5786-2HC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0)
Siemens / SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0)
|
6GK5786-2HC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0)
Siemens / SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0)
|
6GK5788-1GD00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0)
Siemens / SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0)
|
6GK5788-1GD00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0)
Siemens / SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0)
|
6GK5788-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0)
Siemens / SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0)
|
6GK5788-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0)
Siemens / SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0)
|
6GK5788-2GD00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0)
Siemens / SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0)
|
6GK5788-2GD00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0)
|
6GK5788-2GD00-0TA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0)
|
6GK5788-2GD00-0TB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0)
|
6GK5788-2GD00-0TC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0)
|
6GK5788-2FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0)
|
6GK5788-2FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0)
|
6GK5788-2FC00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
6.5 (Medium)
Affected products
Known affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0)
Siemens / SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0)
|
6GK5721-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0)
Siemens / SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0)
|
6GK5721-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0)
|
6GK5722-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0)
|
6GK5722-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0)
|
6GK5722-1FC00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0)
|
6GK5734-1FX00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6)
|
6GK5734-1FX00-0AA6
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0)
|
6GK5734-1FX00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6)
Siemens / SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6)
|
6GK5734-1FX00-0AB6
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0)
Siemens / SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0)
|
6GK5738-1GY00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0)
Siemens / SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0)
|
6GK5738-1GY00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0)
Siemens / SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0)
|
6GK5748-1GD00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0)
Siemens / SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0)
|
6GK5748-1GD00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0)
Siemens / SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0)
|
6GK5748-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0)
Siemens / SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0)
|
6GK5748-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0)
Siemens / SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0)
|
6GK5761-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0)
Siemens / SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0)
|
6GK5761-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0)
Siemens / SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0)
|
6GK5774-1FY00-0TA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0)
Siemens / SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0)
|
6GK5774-1FY00-0TB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0)
|
6GK5774-1FX00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6)
|
6GK5774-1FX00-0AA6
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0)
|
6GK5774-1FX00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0)
|
6GK5774-1FX00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6)
Siemens / SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6)
|
6GK5774-1FX00-0AB6
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0)
Siemens / SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0)
|
6GK5778-1GY00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0)
Siemens / SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0)
|
6GK5778-1GY00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0)
Siemens / SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0)
|
6GK5778-1GY00-0TA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0)
Siemens / SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0)
|
6GK5778-1GY00-0TB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0)
Siemens / SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0)
|
6GK5786-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0)
Siemens / SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0)
|
6GK5786-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0)
|
6GK5786-2FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0)
|
6GK5786-2FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0)
|
6GK5786-2FC00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0)
Siemens / SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0)
|
6GK5786-2FE00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0)
Siemens / SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0)
|
6GK5786-2FE00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0)
Siemens / SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0)
|
6GK5786-2HC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0)
Siemens / SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0)
|
6GK5786-2HC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0)
Siemens / SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0)
|
6GK5788-1GD00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0)
Siemens / SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0)
|
6GK5788-1GD00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0)
Siemens / SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0)
|
6GK5788-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0)
Siemens / SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0)
|
6GK5788-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0)
Siemens / SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0)
|
6GK5788-2GD00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0)
Siemens / SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0)
|
6GK5788-2GD00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0)
|
6GK5788-2GD00-0TA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0)
|
6GK5788-2GD00-0TB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0)
|
6GK5788-2GD00-0TC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0)
|
6GK5788-2FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0)
|
6GK5788-2FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0)
|
6GK5788-2FC00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
6.5 (Medium)
Affected products
Known affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0)
Siemens / SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0)
|
6GK5721-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0)
Siemens / SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0)
|
6GK5721-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0)
|
6GK5722-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0)
|
6GK5722-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0)
|
6GK5722-1FC00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0)
|
6GK5734-1FX00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6)
|
6GK5734-1FX00-0AA6
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0)
|
6GK5734-1FX00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6)
Siemens / SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6)
|
6GK5734-1FX00-0AB6
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0)
Siemens / SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0)
|
6GK5738-1GY00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0)
Siemens / SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0)
|
6GK5738-1GY00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0)
Siemens / SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0)
|
6GK5748-1GD00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0)
Siemens / SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0)
|
6GK5748-1GD00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0)
Siemens / SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0)
|
6GK5748-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0)
Siemens / SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0)
|
6GK5748-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0)
Siemens / SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0)
|
6GK5761-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0)
Siemens / SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0)
|
6GK5761-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0)
Siemens / SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0)
|
6GK5774-1FY00-0TA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0)
Siemens / SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0)
|
6GK5774-1FY00-0TB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0)
|
6GK5774-1FX00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6)
|
6GK5774-1FX00-0AA6
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0)
|
6GK5774-1FX00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0)
|
6GK5774-1FX00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6)
Siemens / SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6)
|
6GK5774-1FX00-0AB6
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0)
Siemens / SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0)
|
6GK5778-1GY00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0)
Siemens / SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0)
|
6GK5778-1GY00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0)
Siemens / SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0)
|
6GK5778-1GY00-0TA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0)
Siemens / SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0)
|
6GK5778-1GY00-0TB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0)
Siemens / SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0)
|
6GK5786-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0)
Siemens / SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0)
|
6GK5786-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0)
|
6GK5786-2FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0)
|
6GK5786-2FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0)
|
6GK5786-2FC00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0)
Siemens / SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0)
|
6GK5786-2FE00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0)
Siemens / SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0)
|
6GK5786-2FE00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0)
Siemens / SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0)
|
6GK5786-2HC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0)
Siemens / SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0)
|
6GK5786-2HC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0)
Siemens / SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0)
|
6GK5788-1GD00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0)
Siemens / SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0)
|
6GK5788-1GD00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0)
Siemens / SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0)
|
6GK5788-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0)
Siemens / SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0)
|
6GK5788-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0)
Siemens / SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0)
|
6GK5788-2GD00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0)
Siemens / SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0)
|
6GK5788-2GD00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0)
|
6GK5788-2GD00-0TA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0)
|
6GK5788-2GD00-0TB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0)
|
6GK5788-2GD00-0TC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0)
|
6GK5788-2FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0)
|
6GK5788-2FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0)
|
6GK5788-2FC00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
6.5 (Medium)
Affected products
Known affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0)
Siemens / SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0)
|
6GK5721-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0)
Siemens / SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0)
|
6GK5721-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0)
|
6GK5722-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0)
|
6GK5722-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0)
|
6GK5722-1FC00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0)
|
6GK5734-1FX00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6)
|
6GK5734-1FX00-0AA6
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0)
|
6GK5734-1FX00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6)
Siemens / SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6)
|
6GK5734-1FX00-0AB6
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0)
Siemens / SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0)
|
6GK5738-1GY00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0)
Siemens / SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0)
|
6GK5738-1GY00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0)
Siemens / SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0)
|
6GK5748-1GD00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0)
Siemens / SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0)
|
6GK5748-1GD00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0)
Siemens / SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0)
|
6GK5748-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0)
Siemens / SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0)
|
6GK5748-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0)
Siemens / SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0)
|
6GK5761-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0)
Siemens / SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0)
|
6GK5761-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0)
Siemens / SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0)
|
6GK5774-1FY00-0TA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0)
Siemens / SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0)
|
6GK5774-1FY00-0TB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0)
|
6GK5774-1FX00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6)
|
6GK5774-1FX00-0AA6
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0)
|
6GK5774-1FX00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0)
|
6GK5774-1FX00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6)
Siemens / SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6)
|
6GK5774-1FX00-0AB6
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0)
Siemens / SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0)
|
6GK5778-1GY00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0)
Siemens / SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0)
|
6GK5778-1GY00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0)
Siemens / SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0)
|
6GK5778-1GY00-0TA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0)
Siemens / SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0)
|
6GK5778-1GY00-0TB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0)
Siemens / SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0)
|
6GK5786-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0)
Siemens / SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0)
|
6GK5786-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0)
|
6GK5786-2FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0)
|
6GK5786-2FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0)
|
6GK5786-2FC00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0)
Siemens / SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0)
|
6GK5786-2FE00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0)
Siemens / SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0)
|
6GK5786-2FE00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0)
Siemens / SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0)
|
6GK5786-2HC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0)
Siemens / SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0)
|
6GK5786-2HC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0)
Siemens / SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0)
|
6GK5788-1GD00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0)
Siemens / SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0)
|
6GK5788-1GD00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0)
Siemens / SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0)
|
6GK5788-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0)
Siemens / SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0)
|
6GK5788-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0)
Siemens / SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0)
|
6GK5788-2GD00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0)
Siemens / SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0)
|
6GK5788-2GD00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0)
|
6GK5788-2GD00-0TA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0)
|
6GK5788-2GD00-0TB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0)
|
6GK5788-2GD00-0TC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0)
|
6GK5788-2FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0)
|
6GK5788-2FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0)
|
6GK5788-2FC00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
6.5 (Medium)
Affected products
Known affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0)
Siemens / SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0)
|
6GK5721-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0)
Siemens / SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0)
|
6GK5721-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0)
|
6GK5722-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0)
|
6GK5722-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0)
|
6GK5722-1FC00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0)
|
6GK5734-1FX00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6)
|
6GK5734-1FX00-0AA6
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0)
|
6GK5734-1FX00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6)
Siemens / SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6)
|
6GK5734-1FX00-0AB6
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0)
Siemens / SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0)
|
6GK5738-1GY00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0)
Siemens / SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0)
|
6GK5738-1GY00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0)
Siemens / SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0)
|
6GK5748-1GD00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0)
Siemens / SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0)
|
6GK5748-1GD00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0)
Siemens / SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0)
|
6GK5748-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0)
Siemens / SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0)
|
6GK5748-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0)
Siemens / SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0)
|
6GK5761-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0)
Siemens / SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0)
|
6GK5761-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0)
Siemens / SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0)
|
6GK5774-1FY00-0TA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0)
Siemens / SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0)
|
6GK5774-1FY00-0TB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0)
|
6GK5774-1FX00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6)
|
6GK5774-1FX00-0AA6
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0)
|
6GK5774-1FX00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0)
|
6GK5774-1FX00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6)
Siemens / SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6)
|
6GK5774-1FX00-0AB6
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0)
Siemens / SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0)
|
6GK5778-1GY00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0)
Siemens / SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0)
|
6GK5778-1GY00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0)
Siemens / SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0)
|
6GK5778-1GY00-0TA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0)
Siemens / SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0)
|
6GK5778-1GY00-0TB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0)
Siemens / SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0)
|
6GK5786-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0)
Siemens / SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0)
|
6GK5786-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0)
|
6GK5786-2FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0)
|
6GK5786-2FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0)
|
6GK5786-2FC00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0)
Siemens / SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0)
|
6GK5786-2FE00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0)
Siemens / SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0)
|
6GK5786-2FE00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0)
Siemens / SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0)
|
6GK5786-2HC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0)
Siemens / SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0)
|
6GK5786-2HC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0)
Siemens / SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0)
|
6GK5788-1GD00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0)
Siemens / SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0)
|
6GK5788-1GD00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0)
Siemens / SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0)
|
6GK5788-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0)
Siemens / SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0)
|
6GK5788-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0)
Siemens / SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0)
|
6GK5788-2GD00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0)
Siemens / SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0)
|
6GK5788-2GD00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0)
|
6GK5788-2GD00-0TA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0)
|
6GK5788-2GD00-0TB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0)
|
6GK5788-2GD00-0TC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0)
|
6GK5788-2FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0)
|
6GK5788-2FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0)
|
6GK5788-2FC00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
5.3 (Medium)
Affected products
Known affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0)
Siemens / SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0)
|
6GK5721-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0)
Siemens / SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0)
|
6GK5721-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0)
|
6GK5722-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0)
|
6GK5722-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0)
|
6GK5722-1FC00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0)
|
6GK5734-1FX00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6)
|
6GK5734-1FX00-0AA6
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0)
|
6GK5734-1FX00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6)
Siemens / SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6)
|
6GK5734-1FX00-0AB6
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0)
Siemens / SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0)
|
6GK5738-1GY00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0)
Siemens / SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0)
|
6GK5738-1GY00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0)
Siemens / SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0)
|
6GK5748-1GD00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0)
Siemens / SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0)
|
6GK5748-1GD00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0)
Siemens / SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0)
|
6GK5748-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0)
Siemens / SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0)
|
6GK5748-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0)
Siemens / SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0)
|
6GK5761-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0)
Siemens / SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0)
|
6GK5761-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0)
Siemens / SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0)
|
6GK5774-1FY00-0TA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0)
Siemens / SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0)
|
6GK5774-1FY00-0TB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0)
|
6GK5774-1FX00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6)
|
6GK5774-1FX00-0AA6
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0)
|
6GK5774-1FX00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0)
|
6GK5774-1FX00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6)
Siemens / SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6)
|
6GK5774-1FX00-0AB6
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0)
Siemens / SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0)
|
6GK5778-1GY00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0)
Siemens / SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0)
|
6GK5778-1GY00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0)
Siemens / SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0)
|
6GK5778-1GY00-0TA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0)
Siemens / SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0)
|
6GK5778-1GY00-0TB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0)
Siemens / SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0)
|
6GK5786-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0)
Siemens / SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0)
|
6GK5786-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0)
|
6GK5786-2FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0)
|
6GK5786-2FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0)
|
6GK5786-2FC00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0)
Siemens / SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0)
|
6GK5786-2FE00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0)
Siemens / SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0)
|
6GK5786-2FE00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0)
Siemens / SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0)
|
6GK5786-2HC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0)
Siemens / SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0)
|
6GK5786-2HC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0)
Siemens / SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0)
|
6GK5788-1GD00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0)
Siemens / SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0)
|
6GK5788-1GD00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0)
Siemens / SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0)
|
6GK5788-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0)
Siemens / SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0)
|
6GK5788-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0)
Siemens / SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0)
|
6GK5788-2GD00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0)
Siemens / SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0)
|
6GK5788-2GD00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0)
|
6GK5788-2GD00-0TA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0)
|
6GK5788-2GD00-0TB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0)
|
6GK5788-2GD00-0TC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0)
|
6GK5788-2FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0)
|
6GK5788-2FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0)
|
6GK5788-2FC00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
5.4 (Medium)
Affected products
Known affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0)
Siemens / SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0)
|
6GK5721-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0)
Siemens / SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0)
|
6GK5721-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0)
|
6GK5722-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0)
|
6GK5722-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0)
|
6GK5722-1FC00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0)
|
6GK5734-1FX00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6)
|
6GK5734-1FX00-0AA6
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0)
|
6GK5734-1FX00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6)
Siemens / SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6)
|
6GK5734-1FX00-0AB6
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0)
Siemens / SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0)
|
6GK5738-1GY00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0)
Siemens / SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0)
|
6GK5738-1GY00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0)
Siemens / SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0)
|
6GK5748-1GD00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0)
Siemens / SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0)
|
6GK5748-1GD00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0)
Siemens / SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0)
|
6GK5748-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0)
Siemens / SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0)
|
6GK5748-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0)
Siemens / SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0)
|
6GK5761-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0)
Siemens / SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0)
|
6GK5761-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0)
Siemens / SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0)
|
6GK5774-1FY00-0TA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0)
Siemens / SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0)
|
6GK5774-1FY00-0TB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0)
|
6GK5774-1FX00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6)
|
6GK5774-1FX00-0AA6
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0)
|
6GK5774-1FX00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0)
|
6GK5774-1FX00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6)
Siemens / SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6)
|
6GK5774-1FX00-0AB6
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0)
Siemens / SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0)
|
6GK5778-1GY00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0)
Siemens / SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0)
|
6GK5778-1GY00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0)
Siemens / SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0)
|
6GK5778-1GY00-0TA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0)
Siemens / SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0)
|
6GK5778-1GY00-0TB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0)
Siemens / SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0)
|
6GK5786-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0)
Siemens / SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0)
|
6GK5786-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0)
|
6GK5786-2FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0)
|
6GK5786-2FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0)
|
6GK5786-2FC00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0)
Siemens / SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0)
|
6GK5786-2FE00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0)
Siemens / SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0)
|
6GK5786-2FE00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0)
Siemens / SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0)
|
6GK5786-2HC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0)
Siemens / SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0)
|
6GK5786-2HC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0)
Siemens / SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0)
|
6GK5788-1GD00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0)
Siemens / SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0)
|
6GK5788-1GD00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0)
Siemens / SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0)
|
6GK5788-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0)
Siemens / SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0)
|
6GK5788-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0)
Siemens / SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0)
|
6GK5788-2GD00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0)
Siemens / SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0)
|
6GK5788-2GD00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0)
|
6GK5788-2GD00-0TA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0)
|
6GK5788-2GD00-0TB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0)
|
6GK5788-2GD00-0TC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0)
|
6GK5788-2FC00-0AA0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0)
|
6GK5788-2FC00-0AB0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0)
|
6GK5788-2FC00-0AC0
|
vers:intdot/<6.6.0 |
Mitigation
Vendor Fix
fix
|
7.4 (High)
Affected products
Known affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0)
Siemens / SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0)
|
6GK5721-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0)
Siemens / SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0)
|
6GK5721-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0)
|
6GK5722-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0)
|
6GK5722-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0)
|
6GK5722-1FC00-0AC0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0)
|
6GK5734-1FX00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6)
|
6GK5734-1FX00-0AA6
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0)
|
6GK5734-1FX00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6)
Siemens / SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6)
|
6GK5734-1FX00-0AB6
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0)
Siemens / SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0)
|
6GK5738-1GY00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0)
Siemens / SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0)
|
6GK5738-1GY00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0)
Siemens / SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0)
|
6GK5748-1GD00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0)
Siemens / SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0)
|
6GK5748-1GD00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0)
Siemens / SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0)
|
6GK5748-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0)
Siemens / SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0)
|
6GK5748-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0)
Siemens / SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0)
|
6GK5761-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0)
Siemens / SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0)
|
6GK5761-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0)
Siemens / SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0)
|
6GK5774-1FY00-0TA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0)
Siemens / SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0)
|
6GK5774-1FY00-0TB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0)
|
6GK5774-1FX00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6)
|
6GK5774-1FX00-0AA6
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0)
|
6GK5774-1FX00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0)
|
6GK5774-1FX00-0AC0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6)
Siemens / SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6)
|
6GK5774-1FX00-0AB6
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0)
Siemens / SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0)
|
6GK5778-1GY00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0)
Siemens / SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0)
|
6GK5778-1GY00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0)
Siemens / SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0)
|
6GK5778-1GY00-0TA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0)
Siemens / SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0)
|
6GK5778-1GY00-0TB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0)
Siemens / SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0)
|
6GK5786-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0)
Siemens / SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0)
|
6GK5786-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0)
|
6GK5786-2FC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0)
|
6GK5786-2FC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0)
|
6GK5786-2FC00-0AC0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0)
Siemens / SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0)
|
6GK5786-2FE00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0)
Siemens / SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0)
|
6GK5786-2FE00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0)
Siemens / SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0)
|
6GK5786-2HC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0)
Siemens / SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0)
|
6GK5786-2HC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0)
Siemens / SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0)
|
6GK5788-1GD00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0)
Siemens / SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0)
|
6GK5788-1GD00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0)
Siemens / SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0)
|
6GK5788-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0)
Siemens / SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0)
|
6GK5788-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0)
Siemens / SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0)
|
6GK5788-2GD00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0)
Siemens / SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0)
|
6GK5788-2GD00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0)
|
6GK5788-2GD00-0TA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0)
|
6GK5788-2GD00-0TB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0)
|
6GK5788-2GD00-0TC0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0)
|
6GK5788-2FC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0)
|
6GK5788-2FC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0)
|
6GK5788-2FC00-0AC0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
7.5 (High)
Affected products
Known affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0)
Siemens / SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0)
|
6GK5721-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0)
Siemens / SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0)
|
6GK5721-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0)
|
6GK5722-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0)
|
6GK5722-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0)
|
6GK5722-1FC00-0AC0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0)
|
6GK5734-1FX00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6)
|
6GK5734-1FX00-0AA6
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0)
|
6GK5734-1FX00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6)
Siemens / SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6)
|
6GK5734-1FX00-0AB6
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0)
Siemens / SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0)
|
6GK5738-1GY00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0)
Siemens / SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0)
|
6GK5738-1GY00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0)
Siemens / SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0)
|
6GK5748-1GD00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0)
Siemens / SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0)
|
6GK5748-1GD00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0)
Siemens / SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0)
|
6GK5748-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0)
Siemens / SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0)
|
6GK5748-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0)
Siemens / SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0)
|
6GK5761-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0)
Siemens / SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0)
|
6GK5761-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0)
Siemens / SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0)
|
6GK5774-1FY00-0TA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0)
Siemens / SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0)
|
6GK5774-1FY00-0TB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0)
|
6GK5774-1FX00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6)
|
6GK5774-1FX00-0AA6
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0)
|
6GK5774-1FX00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0)
|
6GK5774-1FX00-0AC0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6)
Siemens / SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6)
|
6GK5774-1FX00-0AB6
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0)
Siemens / SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0)
|
6GK5778-1GY00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0)
Siemens / SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0)
|
6GK5778-1GY00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0)
Siemens / SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0)
|
6GK5778-1GY00-0TA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0)
Siemens / SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0)
|
6GK5778-1GY00-0TB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0)
Siemens / SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0)
|
6GK5786-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0)
Siemens / SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0)
|
6GK5786-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0)
|
6GK5786-2FC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0)
|
6GK5786-2FC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0)
|
6GK5786-2FC00-0AC0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0)
Siemens / SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0)
|
6GK5786-2FE00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0)
Siemens / SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0)
|
6GK5786-2FE00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0)
Siemens / SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0)
|
6GK5786-2HC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0)
Siemens / SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0)
|
6GK5786-2HC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0)
Siemens / SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0)
|
6GK5788-1GD00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0)
Siemens / SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0)
|
6GK5788-1GD00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0)
Siemens / SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0)
|
6GK5788-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0)
Siemens / SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0)
|
6GK5788-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0)
Siemens / SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0)
|
6GK5788-2GD00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0)
Siemens / SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0)
|
6GK5788-2GD00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0)
|
6GK5788-2GD00-0TA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0)
|
6GK5788-2GD00-0TB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0)
|
6GK5788-2GD00-0TC0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0)
|
6GK5788-2FC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0)
|
6GK5788-2FC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0)
|
6GK5788-2FC00-0AC0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
CWE-862
- Missing Authorization
Affected products
Known affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0)
Siemens / SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0)
|
6GK5721-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0)
Siemens / SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0)
|
6GK5721-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0)
|
6GK5722-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0)
|
6GK5722-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0)
|
6GK5722-1FC00-0AC0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0)
|
6GK5734-1FX00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6)
|
6GK5734-1FX00-0AA6
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0)
|
6GK5734-1FX00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6)
Siemens / SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6)
|
6GK5734-1FX00-0AB6
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0)
Siemens / SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0)
|
6GK5738-1GY00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0)
Siemens / SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0)
|
6GK5738-1GY00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0)
Siemens / SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0)
|
6GK5748-1GD00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0)
Siemens / SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0)
|
6GK5748-1GD00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0)
Siemens / SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0)
|
6GK5748-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0)
Siemens / SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0)
|
6GK5748-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0)
Siemens / SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0)
|
6GK5761-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0)
Siemens / SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0)
|
6GK5761-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0)
Siemens / SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0)
|
6GK5774-1FY00-0TA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0)
Siemens / SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0)
|
6GK5774-1FY00-0TB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0)
|
6GK5774-1FX00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6)
|
6GK5774-1FX00-0AA6
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0)
|
6GK5774-1FX00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0)
|
6GK5774-1FX00-0AC0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6)
Siemens / SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6)
|
6GK5774-1FX00-0AB6
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0)
Siemens / SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0)
|
6GK5778-1GY00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0)
Siemens / SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0)
|
6GK5778-1GY00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0)
Siemens / SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0)
|
6GK5778-1GY00-0TA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0)
Siemens / SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0)
|
6GK5778-1GY00-0TB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0)
Siemens / SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0)
|
6GK5786-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0)
Siemens / SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0)
|
6GK5786-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0)
|
6GK5786-2FC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0)
|
6GK5786-2FC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0)
|
6GK5786-2FC00-0AC0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0)
Siemens / SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0)
|
6GK5786-2FE00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0)
Siemens / SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0)
|
6GK5786-2FE00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0)
Siemens / SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0)
|
6GK5786-2HC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0)
Siemens / SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0)
|
6GK5786-2HC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0)
Siemens / SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0)
|
6GK5788-1GD00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0)
Siemens / SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0)
|
6GK5788-1GD00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0)
Siemens / SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0)
|
6GK5788-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0)
Siemens / SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0)
|
6GK5788-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0)
Siemens / SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0)
|
6GK5788-2GD00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0)
Siemens / SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0)
|
6GK5788-2GD00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0)
|
6GK5788-2GD00-0TA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0)
|
6GK5788-2GD00-0TB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0)
|
6GK5788-2GD00-0TC0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0)
|
6GK5788-2FC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0)
|
6GK5788-2FC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0)
|
6GK5788-2FC00-0AC0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
9.1 (Critical)
Affected products
Known affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0)
Siemens / SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0)
|
6GK5721-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0)
Siemens / SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0)
|
6GK5721-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0)
|
6GK5722-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0)
|
6GK5722-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0)
|
6GK5722-1FC00-0AC0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0)
|
6GK5734-1FX00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6)
|
6GK5734-1FX00-0AA6
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0)
|
6GK5734-1FX00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6)
Siemens / SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6)
|
6GK5734-1FX00-0AB6
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0)
Siemens / SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0)
|
6GK5738-1GY00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0)
Siemens / SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0)
|
6GK5738-1GY00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0)
Siemens / SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0)
|
6GK5748-1GD00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0)
Siemens / SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0)
|
6GK5748-1GD00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0)
Siemens / SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0)
|
6GK5748-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0)
Siemens / SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0)
|
6GK5748-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0)
Siemens / SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0)
|
6GK5761-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0)
Siemens / SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0)
|
6GK5761-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0)
Siemens / SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0)
|
6GK5774-1FY00-0TA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0)
Siemens / SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0)
|
6GK5774-1FY00-0TB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0)
|
6GK5774-1FX00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6)
|
6GK5774-1FX00-0AA6
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0)
|
6GK5774-1FX00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0)
|
6GK5774-1FX00-0AC0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6)
Siemens / SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6)
|
6GK5774-1FX00-0AB6
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0)
Siemens / SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0)
|
6GK5778-1GY00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0)
Siemens / SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0)
|
6GK5778-1GY00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0)
Siemens / SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0)
|
6GK5778-1GY00-0TA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0)
Siemens / SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0)
|
6GK5778-1GY00-0TB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0)
Siemens / SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0)
|
6GK5786-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0)
Siemens / SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0)
|
6GK5786-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0)
|
6GK5786-2FC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0)
|
6GK5786-2FC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0)
|
6GK5786-2FC00-0AC0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0)
Siemens / SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0)
|
6GK5786-2FE00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0)
Siemens / SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0)
|
6GK5786-2FE00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0)
Siemens / SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0)
|
6GK5786-2HC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0)
Siemens / SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0)
|
6GK5786-2HC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0)
Siemens / SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0)
|
6GK5788-1GD00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0)
Siemens / SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0)
|
6GK5788-1GD00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0)
Siemens / SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0)
|
6GK5788-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0)
Siemens / SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0)
|
6GK5788-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0)
Siemens / SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0)
|
6GK5788-2GD00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0)
Siemens / SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0)
|
6GK5788-2GD00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0)
|
6GK5788-2GD00-0TA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0)
|
6GK5788-2GD00-0TB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0)
|
6GK5788-2GD00-0TC0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0)
|
6GK5788-2FC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0)
|
6GK5788-2FC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0)
|
6GK5788-2FC00-0AC0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
CWE-770
- Allocation of Resources Without Limits or Throttling
Affected products
Known affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0)
Siemens / SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0)
|
6GK5721-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0)
Siemens / SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0)
|
6GK5721-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0)
|
6GK5722-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0)
|
6GK5722-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0)
|
6GK5722-1FC00-0AC0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0)
|
6GK5734-1FX00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6)
|
6GK5734-1FX00-0AA6
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0)
|
6GK5734-1FX00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6)
Siemens / SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6)
|
6GK5734-1FX00-0AB6
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0)
Siemens / SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0)
|
6GK5738-1GY00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0)
Siemens / SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0)
|
6GK5738-1GY00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0)
Siemens / SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0)
|
6GK5748-1GD00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0)
Siemens / SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0)
|
6GK5748-1GD00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0)
Siemens / SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0)
|
6GK5748-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0)
Siemens / SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0)
|
6GK5748-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0)
Siemens / SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0)
|
6GK5761-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0)
Siemens / SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0)
|
6GK5761-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0)
Siemens / SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0)
|
6GK5774-1FY00-0TA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0)
Siemens / SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0)
|
6GK5774-1FY00-0TB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0)
|
6GK5774-1FX00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6)
|
6GK5774-1FX00-0AA6
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0)
|
6GK5774-1FX00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0)
|
6GK5774-1FX00-0AC0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6)
Siemens / SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6)
|
6GK5774-1FX00-0AB6
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0)
Siemens / SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0)
|
6GK5778-1GY00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0)
Siemens / SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0)
|
6GK5778-1GY00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0)
Siemens / SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0)
|
6GK5778-1GY00-0TA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0)
Siemens / SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0)
|
6GK5778-1GY00-0TB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0)
Siemens / SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0)
|
6GK5786-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0)
Siemens / SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0)
|
6GK5786-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0)
|
6GK5786-2FC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0)
|
6GK5786-2FC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0)
|
6GK5786-2FC00-0AC0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0)
Siemens / SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0)
|
6GK5786-2FE00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0)
Siemens / SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0)
|
6GK5786-2FE00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0)
Siemens / SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0)
|
6GK5786-2HC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0)
Siemens / SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0)
|
6GK5786-2HC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0)
Siemens / SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0)
|
6GK5788-1GD00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0)
Siemens / SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0)
|
6GK5788-1GD00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0)
Siemens / SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0)
|
6GK5788-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0)
Siemens / SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0)
|
6GK5788-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0)
Siemens / SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0)
|
6GK5788-2GD00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0)
Siemens / SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0)
|
6GK5788-2GD00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0)
|
6GK5788-2GD00-0TA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0)
|
6GK5788-2GD00-0TB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0)
|
6GK5788-2GD00-0TC0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0)
|
6GK5788-2FC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0)
|
6GK5788-2FC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0)
|
6GK5788-2FC00-0AC0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
CWE-80
- Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
Affected products
Known affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0)
Siemens / SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0)
|
6GK5721-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0)
Siemens / SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0)
|
6GK5721-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0)
|
6GK5722-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0)
|
6GK5722-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0)
|
6GK5722-1FC00-0AC0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0)
|
6GK5734-1FX00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6)
|
6GK5734-1FX00-0AA6
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0)
|
6GK5734-1FX00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6)
Siemens / SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6)
|
6GK5734-1FX00-0AB6
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0)
Siemens / SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0)
|
6GK5738-1GY00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0)
Siemens / SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0)
|
6GK5738-1GY00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0)
Siemens / SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0)
|
6GK5748-1GD00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0)
Siemens / SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0)
|
6GK5748-1GD00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0)
Siemens / SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0)
|
6GK5748-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0)
Siemens / SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0)
|
6GK5748-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0)
Siemens / SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0)
|
6GK5761-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0)
Siemens / SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0)
|
6GK5761-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0)
Siemens / SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0)
|
6GK5774-1FY00-0TA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0)
Siemens / SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0)
|
6GK5774-1FY00-0TB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0)
|
6GK5774-1FX00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6)
|
6GK5774-1FX00-0AA6
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0)
|
6GK5774-1FX00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0)
|
6GK5774-1FX00-0AC0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6)
Siemens / SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6)
|
6GK5774-1FX00-0AB6
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0)
Siemens / SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0)
|
6GK5778-1GY00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0)
Siemens / SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0)
|
6GK5778-1GY00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0)
Siemens / SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0)
|
6GK5778-1GY00-0TA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0)
Siemens / SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0)
|
6GK5778-1GY00-0TB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0)
Siemens / SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0)
|
6GK5786-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0)
Siemens / SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0)
|
6GK5786-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0)
|
6GK5786-2FC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0)
|
6GK5786-2FC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0)
|
6GK5786-2FC00-0AC0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0)
Siemens / SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0)
|
6GK5786-2FE00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0)
Siemens / SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0)
|
6GK5786-2FE00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0)
Siemens / SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0)
|
6GK5786-2HC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0)
Siemens / SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0)
|
6GK5786-2HC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0)
Siemens / SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0)
|
6GK5788-1GD00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0)
Siemens / SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0)
|
6GK5788-1GD00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0)
Siemens / SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0)
|
6GK5788-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0)
Siemens / SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0)
|
6GK5788-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0)
Siemens / SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0)
|
6GK5788-2GD00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0)
Siemens / SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0)
|
6GK5788-2GD00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0)
|
6GK5788-2GD00-0TA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0)
|
6GK5788-2GD00-0TB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0)
|
6GK5788-2GD00-0TC0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0)
|
6GK5788-2FC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0)
|
6GK5788-2FC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0)
|
6GK5788-2FC00-0AC0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
9.1 (Critical)
Affected products
Known affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0)
Siemens / SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0)
|
6GK5721-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0)
Siemens / SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0)
|
6GK5721-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0)
|
6GK5722-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0)
|
6GK5722-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0)
Siemens / SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0)
|
6GK5722-1FC00-0AC0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0)
|
6GK5734-1FX00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6)
|
6GK5734-1FX00-0AA6
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0)
Siemens / SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0)
|
6GK5734-1FX00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6)
Siemens / SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6)
|
6GK5734-1FX00-0AB6
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0)
Siemens / SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0)
|
6GK5738-1GY00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0)
Siemens / SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0)
|
6GK5738-1GY00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0)
Siemens / SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0)
|
6GK5748-1GD00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0)
Siemens / SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0)
|
6GK5748-1GD00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0)
Siemens / SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0)
|
6GK5748-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0)
Siemens / SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0)
|
6GK5748-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0)
Siemens / SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0)
|
6GK5761-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0)
Siemens / SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0)
|
6GK5761-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0)
Siemens / SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0)
|
6GK5774-1FY00-0TA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0)
Siemens / SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0)
|
6GK5774-1FY00-0TB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0)
|
6GK5774-1FX00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6)
|
6GK5774-1FX00-0AA6
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0)
|
6GK5774-1FX00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0)
Siemens / SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0)
|
6GK5774-1FX00-0AC0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6)
Siemens / SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6)
|
6GK5774-1FX00-0AB6
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0)
Siemens / SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0)
|
6GK5778-1GY00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0)
Siemens / SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0)
|
6GK5778-1GY00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0)
Siemens / SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0)
|
6GK5778-1GY00-0TA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0)
Siemens / SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0)
|
6GK5778-1GY00-0TB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0)
Siemens / SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0)
|
6GK5786-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0)
Siemens / SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0)
|
6GK5786-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0)
|
6GK5786-2FC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0)
|
6GK5786-2FC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0)
Siemens / SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0)
|
6GK5786-2FC00-0AC0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0)
Siemens / SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0)
|
6GK5786-2FE00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0)
Siemens / SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0)
|
6GK5786-2FE00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0)
Siemens / SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0)
|
6GK5786-2HC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0)
Siemens / SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0)
|
6GK5786-2HC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0)
Siemens / SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0)
|
6GK5788-1GD00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0)
Siemens / SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0)
|
6GK5788-1GD00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0)
Siemens / SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0)
|
6GK5788-1FC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0)
Siemens / SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0)
|
6GK5788-1FC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0)
Siemens / SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0)
|
6GK5788-2GD00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0)
Siemens / SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0)
|
6GK5788-2GD00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0)
|
6GK5788-2GD00-0TA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0)
|
6GK5788-2GD00-0TB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0)
Siemens / SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0)
|
6GK5788-2GD00-0TC0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0)
|
6GK5788-2FC00-0AA0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0)
|
6GK5788-2FC00-0AB0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
|
SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0)
Siemens / SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0)
|
6GK5788-2FC00-0AC0
|
vers:intdot/<6.6.0 |
Vendor Fix
fix
|
References
46 references
Acknowledgments
Siemens ProductCERT
{
"document": {
"acknowledgments": [
{
"organization": "Siemens ProductCERT",
"summary": "reported these vulnerabilities to CISA."
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://www.cisa.gov/news-events/news/traffic-light-protocol-tlp-definitions-and-usage"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "SCALANCE W-700 IEEE 802.11n family before V6.6.0 are affected by multiple vulnerabilities.\n\nSiemens has released a new version for SCALANCE W-700 IEEE 802.11n family and recommends to update to the latest version.",
"title": "Summary"
},
{
"category": "general",
"text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"title": "General Recommendations"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.",
"title": "Terms of Use"
},
{
"category": "legal_disclaimer",
"text": "This product is provided subject to this Notification (https://www.cisa.gov/notification) and this Privacy \u0026 Use policy (https://www.cisa.gov/privacy-policy).",
"title": "Legal Notice and Terms of Use"
},
{
"category": "other",
"text": "This ICSA is a verbatim republication of Siemens ProductCERT SSA-019200 from a direct conversion of the vendor\u0027s Common Security Advisory Framework (CSAF) advisory. This is republished to CISA\u0027s website as a means of increasing visibility and is provided \"as-is\" for informational purposes only. CISA is not responsible for the editorial or technical accuracy of republished advisories and provides no warranties of any kind regarding any information contained within this advisory. Further, CISA does not endorse any commercial product or service. Please contact Siemens ProductCERT directly for any questions regarding this advisory.",
"title": "Advisory Conversion Disclaimer"
},
{
"category": "other",
"text": "Communications, Information Technology, Critical Manufacturing",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Germany",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Locate control system networks and remote devices behind firewalls and isolate them from business networks.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
}
],
"publisher": {
"category": "other",
"contact_details": "central@cisa.dhs.gov",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "SSA-019200: Multiple Vulnerabilities in SCALANCE W-700 IEEE 802.11n Devices Before V6.6.0 - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-019200.json"
},
{
"category": "self",
"summary": "SSA-019200: Multiple Vulnerabilities in SCALANCE W-700 IEEE 802.11n Devices Before V6.6.0 - HTML Version",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-019200.html"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-26-111-07 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2026/icsa-26-111-07.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-26-111-07 - Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-111-07"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/news-events/ics-alerts/ics-alert-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/topics/industrial-control-systems"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/news-events/news/targeted-cyber-intrusion-detection-and-mitigation-strategies-update-b"
}
],
"title": "Siemens SCALANCE",
"tracking": {
"current_release_date": "2026-04-21T06:00:00.000000Z",
"generator": {
"date": "2026-04-20T18:07:26.686293Z",
"engine": {
"name": "CISA CSAF Generator",
"version": "1.5.0"
}
},
"id": "ICSA-26-111-07",
"initial_release_date": "2026-04-14T00:00:00.000000Z",
"revision_history": [
{
"date": "2026-04-14T00:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "Publication Date"
},
{
"date": "2026-04-21T06:00:00.000000Z",
"legacy_version": "CISA Republication",
"number": "2",
"summary": "Initial CISA Republication of Siemens ProductCERT SSA-019200 advisory"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0)",
"product_id": "CSAFPID-0001",
"product_identification_helper": {
"model_numbers": [
"6GK5721-1FC00-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0)",
"product_id": "CSAFPID-0002",
"product_identification_helper": {
"model_numbers": [
"6GK5721-1FC00-0AB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0)",
"product_id": "CSAFPID-0003",
"product_identification_helper": {
"model_numbers": [
"6GK5722-1FC00-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0)",
"product_id": "CSAFPID-0004",
"product_identification_helper": {
"model_numbers": [
"6GK5722-1FC00-0AB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0)",
"product_id": "CSAFPID-0005",
"product_identification_helper": {
"model_numbers": [
"6GK5722-1FC00-0AC0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0)",
"product_id": "CSAFPID-0006",
"product_identification_helper": {
"model_numbers": [
"6GK5734-1FX00-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6)",
"product_id": "CSAFPID-0007",
"product_identification_helper": {
"model_numbers": [
"6GK5734-1FX00-0AA6"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0)",
"product_id": "CSAFPID-0008",
"product_identification_helper": {
"model_numbers": [
"6GK5734-1FX00-0AB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6)",
"product_id": "CSAFPID-0009",
"product_identification_helper": {
"model_numbers": [
"6GK5734-1FX00-0AB6"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0)",
"product_id": "CSAFPID-0010",
"product_identification_helper": {
"model_numbers": [
"6GK5738-1GY00-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0)",
"product_id": "CSAFPID-0011",
"product_identification_helper": {
"model_numbers": [
"6GK5738-1GY00-0AB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0)",
"product_id": "CSAFPID-0012",
"product_identification_helper": {
"model_numbers": [
"6GK5748-1GD00-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0)",
"product_id": "CSAFPID-0013",
"product_identification_helper": {
"model_numbers": [
"6GK5748-1GD00-0AB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0)",
"product_id": "CSAFPID-0014",
"product_identification_helper": {
"model_numbers": [
"6GK5748-1FC00-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0)",
"product_id": "CSAFPID-0015",
"product_identification_helper": {
"model_numbers": [
"6GK5748-1FC00-0AB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0)",
"product_id": "CSAFPID-0016",
"product_identification_helper": {
"model_numbers": [
"6GK5761-1FC00-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0)",
"product_id": "CSAFPID-0017",
"product_identification_helper": {
"model_numbers": [
"6GK5761-1FC00-0AB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0)",
"product_id": "CSAFPID-0018",
"product_identification_helper": {
"model_numbers": [
"6GK5774-1FY00-0TA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0)",
"product_id": "CSAFPID-0019",
"product_identification_helper": {
"model_numbers": [
"6GK5774-1FY00-0TB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0)",
"product_id": "CSAFPID-0020",
"product_identification_helper": {
"model_numbers": [
"6GK5774-1FX00-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6)",
"product_id": "CSAFPID-0021",
"product_identification_helper": {
"model_numbers": [
"6GK5774-1FX00-0AA6"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0)",
"product_id": "CSAFPID-0022",
"product_identification_helper": {
"model_numbers": [
"6GK5774-1FX00-0AB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0)",
"product_id": "CSAFPID-0023",
"product_identification_helper": {
"model_numbers": [
"6GK5774-1FX00-0AC0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6)",
"product_id": "CSAFPID-0024",
"product_identification_helper": {
"model_numbers": [
"6GK5774-1FX00-0AB6"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0)",
"product_id": "CSAFPID-0025",
"product_identification_helper": {
"model_numbers": [
"6GK5778-1GY00-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0)",
"product_id": "CSAFPID-0026",
"product_identification_helper": {
"model_numbers": [
"6GK5778-1GY00-0AB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0)",
"product_id": "CSAFPID-0027",
"product_identification_helper": {
"model_numbers": [
"6GK5778-1GY00-0TA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0)",
"product_id": "CSAFPID-0028",
"product_identification_helper": {
"model_numbers": [
"6GK5778-1GY00-0TB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0)",
"product_id": "CSAFPID-0029",
"product_identification_helper": {
"model_numbers": [
"6GK5786-1FC00-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0)",
"product_id": "CSAFPID-0030",
"product_identification_helper": {
"model_numbers": [
"6GK5786-1FC00-0AB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0)",
"product_id": "CSAFPID-0031",
"product_identification_helper": {
"model_numbers": [
"6GK5786-2FC00-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0)",
"product_id": "CSAFPID-0032",
"product_identification_helper": {
"model_numbers": [
"6GK5786-2FC00-0AB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0)",
"product_id": "CSAFPID-0033",
"product_identification_helper": {
"model_numbers": [
"6GK5786-2FC00-0AC0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0)",
"product_id": "CSAFPID-0034",
"product_identification_helper": {
"model_numbers": [
"6GK5786-2FE00-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0)",
"product_id": "CSAFPID-0035",
"product_identification_helper": {
"model_numbers": [
"6GK5786-2FE00-0AB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0)",
"product_id": "CSAFPID-0036",
"product_identification_helper": {
"model_numbers": [
"6GK5786-2HC00-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0)",
"product_id": "CSAFPID-0037",
"product_identification_helper": {
"model_numbers": [
"6GK5786-2HC00-0AB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0)",
"product_id": "CSAFPID-0038",
"product_identification_helper": {
"model_numbers": [
"6GK5788-1GD00-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0)",
"product_id": "CSAFPID-0039",
"product_identification_helper": {
"model_numbers": [
"6GK5788-1GD00-0AB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0)",
"product_id": "CSAFPID-0040",
"product_identification_helper": {
"model_numbers": [
"6GK5788-1FC00-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0)",
"product_id": "CSAFPID-0041",
"product_identification_helper": {
"model_numbers": [
"6GK5788-1FC00-0AB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0)",
"product_id": "CSAFPID-0042",
"product_identification_helper": {
"model_numbers": [
"6GK5788-2GD00-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0)",
"product_id": "CSAFPID-0043",
"product_identification_helper": {
"model_numbers": [
"6GK5788-2GD00-0AB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0)",
"product_id": "CSAFPID-0044",
"product_identification_helper": {
"model_numbers": [
"6GK5788-2GD00-0TA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0)",
"product_id": "CSAFPID-0045",
"product_identification_helper": {
"model_numbers": [
"6GK5788-2GD00-0TB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0)",
"product_id": "CSAFPID-0046",
"product_identification_helper": {
"model_numbers": [
"6GK5788-2GD00-0TC0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0)",
"product_id": "CSAFPID-0047",
"product_identification_helper": {
"model_numbers": [
"6GK5788-2FC00-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0)",
"product_id": "CSAFPID-0048",
"product_identification_helper": {
"model_numbers": [
"6GK5788-2FC00-0AB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003c6.6.0",
"product": {
"name": "SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0)",
"product_id": "CSAFPID-0049",
"product_identification_helper": {
"model_numbers": [
"6GK5788-2FC00-0AC0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0)"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-24588",
"cwe": {
"id": "CWE-306",
"name": "Missing Authentication for Critical Function"
},
"notes": [
{
"category": "summary",
"text": "The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn\u0027t require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary network packets.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24588"
},
{
"category": "external",
"summary": "cwe.mitre.org",
"url": "https://cwe.mitre.org/data/definitions/306.html"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "As these vulnerabilities can only be exploited within Wi-Fi range, when possible reduce Wi-Fi transmission power or make sure to have the devices in private areas with physical access controls",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049"
]
},
{
"category": "mitigation",
"details": "Disable A-MSDU, if possible",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049"
]
},
{
"category": "vendor_fix",
"details": "Update to V6.6.0 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109996102/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049"
]
}
],
"title": "CVE-2020-24588"
},
{
"cve": "CVE-2020-26139",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients and makes it easier to exploit other vulnerabilities in connected clients.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26139"
},
{
"category": "external",
"summary": "cwe.mitre.org",
"url": "https://cwe.mitre.org/data/definitions/287.html"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "As these vulnerabilities can only be exploited within Wi-Fi range, when possible reduce Wi-Fi transmission power or make sure to have the devices in private areas with physical access controls",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049"
]
},
{
"category": "vendor_fix",
"details": "Update to V6.6.0 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109996102/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049"
]
}
],
"title": "CVE-2020-26139"
},
{
"cve": "CVE-2020-26140",
"cwe": {
"id": "CWE-74",
"name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26140"
},
{
"category": "external",
"summary": "cwe.mitre.org",
"url": "https://cwe.mitre.org/data/definitions/74.html"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "As these vulnerabilities can only be exploited within Wi-Fi range, when possible reduce Wi-Fi transmission power or make sure to have the devices in private areas with physical access controls",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049"
]
},
{
"category": "vendor_fix",
"details": "Update to V6.6.0 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109996102/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049"
]
}
],
"title": "CVE-2020-26140"
},
{
"cve": "CVE-2020-26141",
"cwe": {
"id": "CWE-354",
"name": "Improper Validation of Integrity Check Value"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The Wi-Fi implementation does not verify the Message Integrity Check (authenticity) of fragmented TKIP frames. An adversary can abuse this to inject and possibly decrypt packets in WPA or WPA2 networks that support the TKIP data-confidentiality protocol.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26141"
},
{
"category": "external",
"summary": "cwe.mitre.org",
"url": "https://cwe.mitre.org/data/definitions/354.html"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "As these vulnerabilities can only be exploited within Wi-Fi range, when possible reduce Wi-Fi transmission power or make sure to have the devices in private areas with physical access controls",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049"
]
},
{
"category": "vendor_fix",
"details": "Update to V6.6.0 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109996102/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049"
]
}
],
"title": "CVE-2020-26141"
},
{
"cve": "CVE-2020-26143",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in the ALFA Windows 10 driver 1030.36.604 for AWUS036ACH. The WEP, WPA, WPA2, and WPA3 implementations accept fragmented plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26143"
},
{
"category": "external",
"summary": "cwe.mitre.org",
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "As these vulnerabilities can only be exploited within Wi-Fi range, when possible reduce Wi-Fi transmission power or make sure to have the devices in private areas with physical access controls",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049"
]
},
{
"category": "vendor_fix",
"details": "Update to V6.6.0 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109996102/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049"
]
}
],
"title": "CVE-2020-26143"
},
{
"cve": "CVE-2020-26144",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext A-MSDU frames as long as the first 8 bytes correspond to a valid RFC1042 (i.e., LLC/SNAP) header for EAPOL. An adversary can abuse this to inject arbitrary network packets independent of the network configuration.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26144"
},
{
"category": "external",
"summary": "cwe.mitre.org",
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "As these vulnerabilities can only be exploited within Wi-Fi range, when possible reduce Wi-Fi transmission power or make sure to have the devices in private areas with physical access controls",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049"
]
},
{
"category": "vendor_fix",
"details": "Update to V6.6.0 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109996102/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049"
]
}
],
"title": "CVE-2020-26144"
},
{
"cve": "CVE-2020-26146",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WPA, WPA2, and WPA3 implementations reassemble fragments with non-consecutive packet numbers. An adversary can abuse this to exfiltrate selected fragments. This vulnerability is exploitable when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used. Note that WEP is vulnerable to this attack by design.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26146"
},
{
"category": "external",
"summary": "cwe.mitre.org",
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "As these vulnerabilities can only be exploited within Wi-Fi range, when possible reduce Wi-Fi transmission power or make sure to have the devices in private areas with physical access controls",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049"
]
},
{
"category": "vendor_fix",
"details": "Update to V6.6.0 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109996102/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049"
]
}
],
"title": "CVE-2020-26146"
},
{
"cve": "CVE-2020-26147",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in the Linux kernel 5.8.9. The WEP, WPA, WPA2, and WPA3 implementations reassemble fragments even though some of them were sent in plaintext. This vulnerability can be abused to inject packets and/or exfiltrate selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26147"
},
{
"category": "external",
"summary": "cwe.mitre.org",
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "As these vulnerabilities can only be exploited within Wi-Fi range, when possible reduce Wi-Fi transmission power or make sure to have the devices in private areas with physical access controls",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049"
]
},
{
"category": "vendor_fix",
"details": "Update to V6.6.0 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109996102/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049"
]
}
],
"title": "CVE-2020-26147"
},
{
"cve": "CVE-2021-3712",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated with a NUL (0) byte. Although not a strict requirement, ASN.1 strings that are parsed using OpenSSL\u0027s own \"d2i\" functions (and other similar parsing functions) as well as any string whose value has been set with the ASN1_STRING_set() function will additionally NUL terminate the byte array in the ASN1_STRING structure. However, it is possible for applications to directly construct valid ASN1_STRING structures which do not NUL terminate the byte array by directly setting the \"data\" and \"length\" fields in the ASN1_STRING array. This can also happen by using the ASN1_STRING_set0() function. Numerous OpenSSL functions that print ASN.1 data have been found to assume that the ASN1_STRING byte array will be NUL terminated, even though this is not guaranteed for strings that have been directly constructed. Where an application requests an ASN.1 structure to be printed, and where that ASN.1 structure contains ASN1_STRINGs that have been directly constructed by the application without NUL terminating the \"data\" field, then a read buffer overrun can occur. The same thing can also occur during name constraints processing of certificates (for example if a certificate has been directly constructed by the application instead of loading it via the OpenSSL parsing functions, and the certificate contains non NUL terminated ASN1_STRING structures). It can also occur in the X509_get1_email(), X509_REQ_get1_email() and X509_get1_ocsp() functions. If a malicious actor can cause an application to directly construct an ASN1_STRING and then process it through one of the affected OpenSSL functions then this issue could be hit. This might result in a crash (causing a Denial of Service attack). It could also result in the disclosure of private memory contents (such as private keys, or sensitive plaintext). Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k). Fixed in OpenSSL 1.0.2za (Affected 1.0.2-1.0.2y).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3712"
},
{
"category": "external",
"summary": "cwe.mitre.org",
"url": "https://cwe.mitre.org/data/definitions/125.html"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V6.6.0 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109996102/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049"
]
}
],
"title": "CVE-2021-3712"
},
{
"cve": "CVE-2022-0778",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "summary",
"text": "The BN_mod_sqrt() function in openSSL, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. Since certificate parsing happens prior to verification of the certificate signature, any process that parses an externally supplied certificate may thus be subject to a denial of service attack. The infinite loop can also be reached when parsing crafted private keys as they can contain explicit elliptic curve parameters.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0778"
},
{
"category": "external",
"summary": "cwe.mitre.org",
"url": "https://cwe.mitre.org/data/definitions/835.html"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V6.6.0 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109996102/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049"
]
}
],
"title": "CVE-2022-0778"
},
{
"cve": "CVE-2022-31765",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"notes": [
{
"category": "summary",
"text": "Affected devices do not properly authorize the change password function of the web interface.\r\nThis could allow low privileged users to escalate their privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31765"
},
{
"category": "external",
"summary": "cwe.mitre.org",
"url": "https://cwe.mitre.org/data/definitions/862.html"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V6.6.0 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109996102/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049"
]
}
],
"title": "CVE-2022-31765"
},
{
"cve": "CVE-2022-36323",
"cwe": {
"id": "CWE-74",
"name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36323"
},
{
"category": "external",
"summary": "cwe.mitre.org",
"url": "https://cwe.mitre.org/data/definitions/74.html"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V6.6.0 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109996102/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049"
]
}
],
"title": "CVE-2022-36323"
},
{
"cve": "CVE-2022-36324",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "summary",
"text": "Affected devices do not properly handle the renegotiation of SSL/TLS parameters. This could allow an unauthenticated remote attacker to bypass the TCP brute force prevention and lead to a denial of service condition for the duration of the attack.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36324"
},
{
"category": "external",
"summary": "cwe.mitre.org",
"url": "https://cwe.mitre.org/data/definitions/770.html"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V6.6.0 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109996102/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049"
]
}
],
"title": "CVE-2022-36324"
},
{
"cve": "CVE-2022-36325",
"cwe": {
"id": "CWE-80",
"name": "Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)"
},
"notes": [
{
"category": "summary",
"text": "Affected devices do not properly sanitize data introduced by an user when rendering the web interface. This could allow an authenticated remote attacker with administrative privileges to inject code and lead to a DOM-based XSS.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36325"
},
{
"category": "external",
"summary": "cwe.mitre.org",
"url": "https://cwe.mitre.org/data/definitions/80.html"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V6.6.0 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109996102/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049"
]
}
],
"title": "CVE-2022-36325"
},
{
"cve": "CVE-2023-44373",
"cwe": {
"id": "CWE-74",
"name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell. Follow-up of CVE-2022-36323.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44373"
},
{
"category": "external",
"summary": "cwe.mitre.org",
"url": "https://cwe.mitre.org/data/definitions/74.html"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V6.6.0 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109996102/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037",
"CSAFPID-0038",
"CSAFPID-0039",
"CSAFPID-0040",
"CSAFPID-0041",
"CSAFPID-0042",
"CSAFPID-0043",
"CSAFPID-0044",
"CSAFPID-0045",
"CSAFPID-0046",
"CSAFPID-0047",
"CSAFPID-0048",
"CSAFPID-0049"
]
}
],
"title": "CVE-2023-44373"
}
]
}
NCSC-2026-0112
Vulnerability from csaf_ncscnl - Published: 2026-04-14 11:37 - Updated: 2026-04-14 11:37Summary
Kwetsbaarheden verholpen in Siemens producten
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten: Siemens heeft kwetsbaarheden verholpen in diverse producten zoals Analytics Toolkit, Ruggedcom, Industrial Edge Management Pro, SIDIS en TPM.
Interpretaties: De kwetsbaarheden stellen een kwaadwillende mogelijk in staat aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:
- Denial-of-Service (DoS)
- Manipulatie van gegevens
- Omzeilen van een beveiligingsmaatregel
- (Remote) code execution (root/admin rechten)
- Toegang tot systeemgegevens
- Verhogen van rechten
Voor succesvol misbruik van de genoemde kwetsbaarheden moet de kwaadwillende toegang hebben tot de productie-omgeving. Het is goed gebruik een dergelijke omgeving niet publiek toegankelijk te hebben.
Oplossingen: Siemens heeft beveiligingsupdates uitgebracht om de kwetsbaarheden te verhelpen. Voor de kwetsbaarheden waar nog geen updates voor zijn, heeft Siemens mitigerende maatregelen gepubliceerd om de risico's zoveel als mogelijk te beperken. Zie de bijgevoegde referenties voor meer informatie.
Kans: medium
Schade: high
CWE-20: Improper Input Validation
CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
CWE-99: Improper Control of Resource Identifiers ('Resource Injection')
CWE-125: Out-of-bounds Read
CWE-197: Numeric Truncation Error
CWE-266: Incorrect Privilege Assignment
CWE-284: Improper Access Control
CWE-287: Improper Authentication
CWE-290: Authentication Bypass by Spoofing
CWE-295: Improper Certificate Validation
CWE-305: Authentication Bypass by Primary Weakness
CWE-306: Missing Authentication for Critical Function
CWE-307: Improper Restriction of Excessive Authentication Attempts
CWE-327: Use of a Broken or Risky Cryptographic Algorithm
CWE-345: Insufficient Verification of Data Authenticity
CWE-346: Origin Validation Error
CWE-347: Improper Verification of Cryptographic Signature
CWE-354: Improper Validation of Integrity Check Value
CWE-400: Uncontrolled Resource Consumption
CWE-639: Authorization Bypass Through User-Controlled Key
CWE-770: Allocation of Resources Without Limits or Throttling
CWE-829: Inclusion of Functionality from Untrusted Control Sphere
CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')
CWE-862: Missing Authorization
CWE-863: Incorrect Authorization
Multiple SUSE Linux Enterprise kernel updates across versions 11, 12, and 15 addressed critical security vulnerabilities including use-after-free, heap overflows, race conditions, side-channel leaks, and Wi-Fi protocol flaws, alongside extensive non-security bug fixes.
CWE-306 - Missing Authentication for Critical FunctionAffected products
Known affected
84 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Siemens / 6AG1206-2BB00-7AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1206-2Bs00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1208-0Ba00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1216-4Bs00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5204-0BA00-2GF2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5204-0BA00-2YF2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2AB2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2AB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2TB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BF00-2TB2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2BD00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2GS00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2GS00-2TC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2RS00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2AB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2FC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2FC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2TC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5632-2GS00-2AC2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5646-2GS00-2AC2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5721-1FC00-0AB0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5722-1FC00-0AB0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5734-1FX00-0AA0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / BFCClient
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-1 Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-7 LTE EU Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-7 LTE US Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-8 IRC Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1542SP-1 Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Machine Insight App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - OPC UA Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Opc Ua Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - PROFINET IO Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - SIMATIC S7 Connector App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Simatic S7 Connector App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Pro V1
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Pro V2
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Virtual
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Open PCS 7
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V8.2
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V9.0
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V9.1
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / ROX II Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM CROSSBOW Station Access Controller (SAC)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) EU
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) NAM
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE4G
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX MX5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX MX5000RE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1400
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1500
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1500 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1501
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1510
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1510 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1511
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1512
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1524
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1524 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1536
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RX1400 (Firmware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rm1224 Lte Eu
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rm1224 Lte Nam
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Mx5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1500
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1501
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1512
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M816-1 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M826-2 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M874-2 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M876-3 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M876-4 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE MUM856-1 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE S615
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE SC-600 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE SC622-2C
|
vers:unknown/* |
Multiple security vulnerabilities affecting NetBSD and various SUSE Linux Enterprise kernel versions include flaws in BPF verifier, Bluetooth, Wi-Fi fragmentation, heap overflows, use-after-free bugs, and EAPOL frame handling, with extensive non-security fixes across drivers and subsystems.
5.3 (Medium)
Affected products
Known affected
84 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Siemens / 6AG1206-2BB00-7AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1206-2Bs00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1208-0Ba00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1216-4Bs00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5204-0BA00-2GF2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5204-0BA00-2YF2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2AB2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2AB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2TB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BF00-2TB2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2BD00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2GS00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2GS00-2TC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2RS00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2AB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2FC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2FC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2TC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5632-2GS00-2AC2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5646-2GS00-2AC2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5721-1FC00-0AB0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5722-1FC00-0AB0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5734-1FX00-0AA0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / BFCClient
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-1 Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-7 LTE EU Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-7 LTE US Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-8 IRC Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1542SP-1 Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Machine Insight App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - OPC UA Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Opc Ua Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - PROFINET IO Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - SIMATIC S7 Connector App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Simatic S7 Connector App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Pro V1
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Pro V2
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Virtual
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Open PCS 7
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V8.2
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V9.0
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V9.1
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / ROX II Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM CROSSBOW Station Access Controller (SAC)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) EU
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) NAM
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE4G
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX MX5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX MX5000RE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1400
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1500
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1500 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1501
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1510
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1510 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1511
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1512
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1524
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1524 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1536
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RX1400 (Firmware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rm1224 Lte Eu
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rm1224 Lte Nam
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Mx5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1500
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1501
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1512
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M816-1 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M826-2 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M874-2 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M876-3 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M876-4 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE MUM856-1 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE S615
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE SC-600 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE SC622-2C
|
vers:unknown/* |
Multiple vulnerabilities in WiFi protocols and drivers, including IEEE 802.11, ALFA Windows 10 driver 6.1316.1209 for AWUS036H, and Linux kernel implementations, allow attackers to inject arbitrary plaintext frames into protected networks across WPA3 and earlier standards.
6.5 (Medium)
Affected products
Known affected
84 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Siemens / 6AG1206-2BB00-7AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1206-2Bs00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1208-0Ba00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1216-4Bs00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5204-0BA00-2GF2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5204-0BA00-2YF2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2AB2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2AB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2TB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BF00-2TB2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2BD00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2GS00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2GS00-2TC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2RS00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2AB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2FC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2FC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2TC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5632-2GS00-2AC2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5646-2GS00-2AC2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5721-1FC00-0AB0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5722-1FC00-0AB0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5734-1FX00-0AA0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / BFCClient
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-1 Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-7 LTE EU Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-7 LTE US Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-8 IRC Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1542SP-1 Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Machine Insight App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - OPC UA Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Opc Ua Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - PROFINET IO Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - SIMATIC S7 Connector App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Simatic S7 Connector App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Pro V1
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Pro V2
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Virtual
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Open PCS 7
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V8.2
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V9.0
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V9.1
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / ROX II Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM CROSSBOW Station Access Controller (SAC)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) EU
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) NAM
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE4G
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX MX5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX MX5000RE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1400
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1500
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1500 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1501
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1510
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1510 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1511
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1512
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1524
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1524 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1536
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RX1400 (Firmware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rm1224 Lte Eu
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rm1224 Lte Nam
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Mx5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1500
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1501
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1512
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M816-1 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M826-2 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M874-2 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M876-3 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M876-4 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE MUM856-1 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE S615
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE SC-600 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE SC622-2C
|
vers:unknown/* |
Multiple security vulnerabilities including Wi-Fi fragmentation flaws, use-after-free, denial-of-service, BPF verifier bugs, heap overflows, and race conditions have been addressed across various SUSE Linux Enterprise kernel updates and an ALFA Windows 10 driver for AWUS036H, impacting WPA/WPA2 networks and kernel stability.
6.5 (Medium)
Affected products
Known affected
84 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Siemens / 6AG1206-2BB00-7AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1206-2Bs00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1208-0Ba00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1216-4Bs00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5204-0BA00-2GF2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5204-0BA00-2YF2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2AB2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2AB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2TB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BF00-2TB2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2BD00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2GS00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2GS00-2TC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2RS00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2AB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2FC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2FC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2TC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5632-2GS00-2AC2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5646-2GS00-2AC2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5721-1FC00-0AB0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5722-1FC00-0AB0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5734-1FX00-0AA0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / BFCClient
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-1 Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-7 LTE EU Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-7 LTE US Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-8 IRC Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1542SP-1 Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Machine Insight App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - OPC UA Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Opc Ua Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - PROFINET IO Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - SIMATIC S7 Connector App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Simatic S7 Connector App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Pro V1
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Pro V2
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Virtual
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Open PCS 7
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V8.2
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V9.0
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V9.1
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / ROX II Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM CROSSBOW Station Access Controller (SAC)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) EU
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) NAM
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE4G
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX MX5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX MX5000RE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1400
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1500
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1500 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1501
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1510
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1510 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1511
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1512
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1524
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1524 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1536
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RX1400 (Firmware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rm1224 Lte Eu
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rm1224 Lte Nam
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Mx5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1500
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1501
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1512
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M816-1 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M826-2 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M874-2 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M876-3 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M876-4 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE MUM856-1 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE S615
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE SC-600 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE SC622-2C
|
vers:unknown/* |
Multiple vulnerabilities in Linux kernel, ALFA Windows 10 driver for AWUS036ACH, and IEEE 802.11 protocols allow attackers to inject malicious WiFi frames and exfiltrate data across WEP, CCMP, GCMP, WPA3, and protected networks.
6.5 (Medium)
Affected products
Known affected
84 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Siemens / 6AG1206-2BB00-7AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1206-2Bs00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1208-0Ba00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1216-4Bs00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5204-0BA00-2GF2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5204-0BA00-2YF2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2AB2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2AB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2TB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BF00-2TB2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2BD00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2GS00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2GS00-2TC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2RS00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2AB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2FC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2FC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2TC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5632-2GS00-2AC2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5646-2GS00-2AC2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5721-1FC00-0AB0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5722-1FC00-0AB0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5734-1FX00-0AA0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / BFCClient
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-1 Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-7 LTE EU Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-7 LTE US Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-8 IRC Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1542SP-1 Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Machine Insight App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - OPC UA Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Opc Ua Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - PROFINET IO Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - SIMATIC S7 Connector App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Simatic S7 Connector App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Pro V1
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Pro V2
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Virtual
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Open PCS 7
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V8.2
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V9.0
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V9.1
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / ROX II Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM CROSSBOW Station Access Controller (SAC)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) EU
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) NAM
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE4G
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX MX5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX MX5000RE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1400
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1500
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1500 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1501
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1510
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1510 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1511
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1512
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1524
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1524 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1536
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RX1400 (Firmware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rm1224 Lte Eu
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rm1224 Lte Nam
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Mx5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1500
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1501
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1512
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M816-1 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M826-2 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M874-2 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M876-3 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M876-4 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE MUM856-1 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE S615
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE SC-600 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE SC622-2C
|
vers:unknown/* |
Multiple vulnerabilities affect Samsung Galaxy S3 i9305 devices, Linux kernel WiFi implementations, and Windows Wireless Networking, allowing attackers to inject or spoof network packets by exploiting acceptance of plaintext A-MSDU frames with valid RFC1042 headers for EAPOL.
6.5 (Medium)
Affected products
Known affected
84 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Siemens / 6AG1206-2BB00-7AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1206-2Bs00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1208-0Ba00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1216-4Bs00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5204-0BA00-2GF2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5204-0BA00-2YF2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2AB2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2AB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2TB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BF00-2TB2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2BD00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2GS00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2GS00-2TC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2RS00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2AB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2FC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2FC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2TC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5632-2GS00-2AC2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5646-2GS00-2AC2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5721-1FC00-0AB0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5722-1FC00-0AB0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5734-1FX00-0AA0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / BFCClient
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-1 Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-7 LTE EU Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-7 LTE US Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-8 IRC Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1542SP-1 Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Machine Insight App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - OPC UA Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Opc Ua Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - PROFINET IO Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - SIMATIC S7 Connector App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Simatic S7 Connector App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Pro V1
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Pro V2
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Virtual
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Open PCS 7
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V8.2
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V9.0
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V9.1
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / ROX II Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM CROSSBOW Station Access Controller (SAC)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) EU
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) NAM
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE4G
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX MX5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX MX5000RE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1400
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1500
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1500 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1501
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1510
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1510 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1511
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1512
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1524
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1524 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1536
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RX1400 (Firmware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rm1224 Lte Eu
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rm1224 Lte Nam
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Mx5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1500
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1501
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1512
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M816-1 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M826-2 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M874-2 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M876-3 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M876-4 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE MUM856-1 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE S615
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE SC-600 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE SC622-2C
|
vers:unknown/* |
Multiple vulnerabilities in WiFi implementations, including IEEE 802.11 standards and specific devices like Samsung Galaxy S3 i9305 on Android 4.4.4, allow attackers to inject malicious frames and exfiltrate data via fragmented frame reassembly flaws affecting WEP, WPA, WPA2, WPA3, CCMP, and GCMP protocols.
5.3 (Medium)
Affected products
Known affected
84 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Siemens / 6AG1206-2BB00-7AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1206-2Bs00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1208-0Ba00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1216-4Bs00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5204-0BA00-2GF2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5204-0BA00-2YF2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2AB2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2AB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2TB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BF00-2TB2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2BD00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2GS00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2GS00-2TC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2RS00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2AB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2FC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2FC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2TC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5632-2GS00-2AC2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5646-2GS00-2AC2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5721-1FC00-0AB0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5722-1FC00-0AB0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5734-1FX00-0AA0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / BFCClient
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-1 Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-7 LTE EU Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-7 LTE US Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-8 IRC Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1542SP-1 Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Machine Insight App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - OPC UA Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Opc Ua Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - PROFINET IO Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - SIMATIC S7 Connector App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Simatic S7 Connector App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Pro V1
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Pro V2
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Virtual
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Open PCS 7
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V8.2
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V9.0
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V9.1
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / ROX II Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM CROSSBOW Station Access Controller (SAC)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) EU
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) NAM
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE4G
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX MX5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX MX5000RE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1400
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1500
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1500 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1501
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1510
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1510 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1511
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1512
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1524
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1524 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1536
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RX1400 (Firmware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rm1224 Lte Eu
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rm1224 Lte Nam
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Mx5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1500
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1501
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1512
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M816-1 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M826-2 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M874-2 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M876-3 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M876-4 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE MUM856-1 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE S615
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE SC-600 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE SC622-2C
|
vers:unknown/* |
Multiple SUSE Linux Enterprise kernel updates across versions 12, 15, and LTSS address critical security vulnerabilities including use-after-free, heap overflows, race conditions, and Wi-Fi protocol flaws, alongside extensive non-security bug fixes.
5.4 (Medium)
Affected products
Known affected
84 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Siemens / 6AG1206-2BB00-7AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1206-2Bs00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1208-0Ba00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1216-4Bs00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5204-0BA00-2GF2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5204-0BA00-2YF2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2AB2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2AB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2TB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BF00-2TB2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2BD00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2GS00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2GS00-2TC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2RS00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2AB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2FC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2FC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2TC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5632-2GS00-2AC2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5646-2GS00-2AC2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5721-1FC00-0AB0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5722-1FC00-0AB0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5734-1FX00-0AA0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / BFCClient
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-1 Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-7 LTE EU Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-7 LTE US Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-8 IRC Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1542SP-1 Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Machine Insight App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - OPC UA Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Opc Ua Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - PROFINET IO Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - SIMATIC S7 Connector App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Simatic S7 Connector App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Pro V1
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Pro V2
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Virtual
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Open PCS 7
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V8.2
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V9.0
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V9.1
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / ROX II Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM CROSSBOW Station Access Controller (SAC)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) EU
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) NAM
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE4G
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX MX5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX MX5000RE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1400
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1500
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1500 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1501
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1510
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1510 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1511
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1512
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1524
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1524 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1536
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RX1400 (Firmware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rm1224 Lte Eu
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rm1224 Lte Nam
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Mx5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1500
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1501
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1512
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M816-1 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M826-2 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M874-2 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M876-3 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M876-4 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE MUM856-1 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE S615
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE SC-600 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE SC622-2C
|
vers:unknown/* |
Multiple OpenSSL versions prior to 1.1.1l and 1.0.2za contain buffer overrun and memory disclosure vulnerabilities in ASN.1 string processing, affecting various products including Oracle Siebel CRM, Oracle Communications, NetApp, HPE, and Solarwinds, with CVSS scores up to 7.4.
7.4 (High)
Affected products
Known affected
84 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Siemens / 6AG1206-2BB00-7AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1206-2Bs00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1208-0Ba00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1216-4Bs00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5204-0BA00-2GF2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5204-0BA00-2YF2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2AB2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2AB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2TB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BF00-2TB2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2BD00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2GS00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2GS00-2TC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2RS00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2AB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2FC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2FC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2TC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5632-2GS00-2AC2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5646-2GS00-2AC2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5721-1FC00-0AB0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5722-1FC00-0AB0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5734-1FX00-0AA0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / BFCClient
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-1 Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-7 LTE EU Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-7 LTE US Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-8 IRC Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1542SP-1 Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Machine Insight App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - OPC UA Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Opc Ua Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - PROFINET IO Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - SIMATIC S7 Connector App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Simatic S7 Connector App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Pro V1
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Pro V2
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Virtual
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Open PCS 7
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V8.2
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V9.0
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V9.1
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / ROX II Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM CROSSBOW Station Access Controller (SAC)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) EU
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) NAM
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE4G
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX MX5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX MX5000RE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1400
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1500
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1500 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1501
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1510
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1510 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1511
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1512
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1524
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1524 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1536
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RX1400 (Firmware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rm1224 Lte Eu
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rm1224 Lte Nam
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Mx5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1500
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1501
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1512
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M816-1 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M826-2 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M874-2 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M876-3 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M876-4 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE MUM856-1 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE S615
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE SC-600 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE SC622-2C
|
vers:unknown/* |
A critical vulnerability in OpenSSL's BN_mod_sqrt() function causes infinite loops when parsing crafted certificates with invalid elliptic curve parameters, leading to denial of service across multiple OpenSSL versions and affecting various products including Node.js, Oracle, SAP, and NetApp.
7.5 (High)
Affected products
Known affected
84 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Siemens / 6AG1206-2BB00-7AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1206-2Bs00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1208-0Ba00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1216-4Bs00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5204-0BA00-2GF2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5204-0BA00-2YF2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2AB2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2AB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2TB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BF00-2TB2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2BD00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2GS00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2GS00-2TC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2RS00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2AB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2FC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2FC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2TC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5632-2GS00-2AC2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5646-2GS00-2AC2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5721-1FC00-0AB0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5722-1FC00-0AB0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5734-1FX00-0AA0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / BFCClient
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-1 Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-7 LTE EU Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-7 LTE US Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-8 IRC Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1542SP-1 Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Machine Insight App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - OPC UA Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Opc Ua Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - PROFINET IO Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - SIMATIC S7 Connector App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Simatic S7 Connector App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Pro V1
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Pro V2
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Virtual
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Open PCS 7
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V8.2
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V9.0
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V9.1
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / ROX II Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM CROSSBOW Station Access Controller (SAC)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) EU
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) NAM
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE4G
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX MX5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX MX5000RE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1400
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1500
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1500 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1501
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1510
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1510 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1511
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1512
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1524
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1524 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1536
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RX1400 (Firmware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rm1224 Lte Eu
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rm1224 Lte Nam
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Mx5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1500
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1501
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1512
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M816-1 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M826-2 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M874-2 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M876-3 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M876-4 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE MUM856-1 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE S615
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE SC-600 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE SC622-2C
|
vers:unknown/* |
A vulnerability in the web interface's change password function allows low privileged users on affected devices to escalate their privileges.
CWE-862 - Missing AuthorizationAffected products
Known affected
84 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Siemens / 6AG1206-2BB00-7AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1206-2Bs00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1208-0Ba00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1216-4Bs00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5204-0BA00-2GF2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5204-0BA00-2YF2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2AB2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2AB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2TB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BF00-2TB2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2BD00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2GS00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2GS00-2TC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2RS00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2AB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2FC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2FC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2TC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5632-2GS00-2AC2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5646-2GS00-2AC2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5721-1FC00-0AB0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5722-1FC00-0AB0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5734-1FX00-0AA0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / BFCClient
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-1 Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-7 LTE EU Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-7 LTE US Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-8 IRC Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1542SP-1 Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Machine Insight App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - OPC UA Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Opc Ua Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - PROFINET IO Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - SIMATIC S7 Connector App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Simatic S7 Connector App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Pro V1
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Pro V2
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Virtual
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Open PCS 7
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V8.2
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V9.0
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V9.1
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / ROX II Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM CROSSBOW Station Access Controller (SAC)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) EU
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) NAM
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE4G
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX MX5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX MX5000RE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1400
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1500
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1500 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1501
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1510
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1510 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1511
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1512
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1524
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1524 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1536
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RX1400 (Firmware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rm1224 Lte Eu
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rm1224 Lte Nam
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Mx5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1500
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1501
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1512
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M816-1 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M826-2 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M874-2 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M876-3 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M876-4 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE MUM856-1 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE S615
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE SC-600 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE SC622-2C
|
vers:unknown/* |
Siemens products including SCALANCE, SICAM, Tecnomatix, SITOP, and PowerSys contain vulnerabilities allowing authenticated remote attackers with administrative privileges to inject code or gain root shell access due to improper input sanitization.
9.1 (Critical)
Affected products
Known affected
84 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Siemens / 6AG1206-2BB00-7AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1206-2Bs00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1208-0Ba00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1216-4Bs00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5204-0BA00-2GF2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5204-0BA00-2YF2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2AB2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2AB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2TB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BF00-2TB2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2BD00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2GS00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2GS00-2TC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2RS00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2AB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2FC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2FC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2TC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5632-2GS00-2AC2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5646-2GS00-2AC2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5721-1FC00-0AB0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5722-1FC00-0AB0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5734-1FX00-0AA0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / BFCClient
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-1 Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-7 LTE EU Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-7 LTE US Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-8 IRC Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1542SP-1 Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Machine Insight App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - OPC UA Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Opc Ua Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - PROFINET IO Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - SIMATIC S7 Connector App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Simatic S7 Connector App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Pro V1
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Pro V2
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Virtual
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Open PCS 7
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V8.2
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V9.0
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V9.1
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / ROX II Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM CROSSBOW Station Access Controller (SAC)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) EU
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) NAM
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE4G
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX MX5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX MX5000RE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1400
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1500
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1500 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1501
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1510
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1510 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1511
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1512
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1524
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1524 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1536
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RX1400 (Firmware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rm1224 Lte Eu
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rm1224 Lte Nam
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Mx5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1500
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1501
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1512
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M816-1 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M826-2 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M874-2 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M876-3 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M876-4 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE MUM856-1 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE S615
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE SC-600 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE SC622-2C
|
vers:unknown/* |
Affected devices improperly handle SSL/TLS renegotiation, allowing unauthenticated remote attackers to bypass TCP brute force protections and cause denial of service during the attack.
CWE-770 - Allocation of Resources Without Limits or ThrottlingAffected products
Known affected
84 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Siemens / 6AG1206-2BB00-7AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1206-2Bs00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1208-0Ba00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1216-4Bs00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5204-0BA00-2GF2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5204-0BA00-2YF2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2AB2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2AB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2TB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BF00-2TB2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2BD00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2GS00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2GS00-2TC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2RS00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2AB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2FC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2FC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2TC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5632-2GS00-2AC2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5646-2GS00-2AC2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5721-1FC00-0AB0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5722-1FC00-0AB0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5734-1FX00-0AA0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / BFCClient
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-1 Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-7 LTE EU Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-7 LTE US Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-8 IRC Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1542SP-1 Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Machine Insight App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - OPC UA Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Opc Ua Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - PROFINET IO Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - SIMATIC S7 Connector App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Simatic S7 Connector App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Pro V1
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Pro V2
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Virtual
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Open PCS 7
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V8.2
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V9.0
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V9.1
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / ROX II Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM CROSSBOW Station Access Controller (SAC)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) EU
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) NAM
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE4G
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX MX5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX MX5000RE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1400
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1500
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1500 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1501
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1510
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1510 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1511
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1512
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1524
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1524 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1536
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RX1400 (Firmware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rm1224 Lte Eu
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rm1224 Lte Nam
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Mx5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1500
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1501
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1512
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M816-1 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M826-2 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M874-2 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M876-3 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M876-4 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE MUM856-1 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE S615
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE SC-600 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE SC622-2C
|
vers:unknown/* |
Affected devices improperly sanitize user input in their web interface, enabling an authenticated remote attacker with administrative privileges to execute a DOM-based cross-site scripting (XSS) attack.
CWE-80 - Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)Affected products
Known affected
84 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Siemens / 6AG1206-2BB00-7AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1206-2Bs00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1208-0Ba00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1216-4Bs00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5204-0BA00-2GF2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5204-0BA00-2YF2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2AB2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2AB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2TB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BF00-2TB2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2BD00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2GS00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2GS00-2TC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2RS00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2AB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2FC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2FC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2TC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5632-2GS00-2AC2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5646-2GS00-2AC2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5721-1FC00-0AB0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5722-1FC00-0AB0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5734-1FX00-0AA0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / BFCClient
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-1 Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-7 LTE EU Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-7 LTE US Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-8 IRC Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1542SP-1 Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Machine Insight App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - OPC UA Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Opc Ua Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - PROFINET IO Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - SIMATIC S7 Connector App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Simatic S7 Connector App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Pro V1
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Pro V2
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Virtual
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Open PCS 7
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V8.2
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V9.0
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V9.1
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / ROX II Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM CROSSBOW Station Access Controller (SAC)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) EU
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) NAM
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE4G
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX MX5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX MX5000RE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1400
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1500
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1500 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1501
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1510
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1510 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1511
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1512
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1524
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1524 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1536
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RX1400 (Firmware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rm1224 Lte Eu
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rm1224 Lte Nam
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Mx5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1500
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1501
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1512
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M816-1 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M826-2 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M874-2 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M876-3 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M876-4 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE MUM856-1 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE S615
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE SC-600 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE SC622-2C
|
vers:unknown/* |
Multiple Siemens RUGGEDCOM and SCALANCE devices below versions V8.0 or V2.4.0 contain vulnerabilities allowing authenticated admin users to execute code or spawn root shells due to improper input sanitization, related to CVE-2022-36323.
9.1 (Critical)
Affected products
Known affected
84 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Siemens / 6AG1206-2BB00-7AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1206-2Bs00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1208-0Ba00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1216-4Bs00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5204-0BA00-2GF2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5204-0BA00-2YF2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2AB2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2AB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2TB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BF00-2TB2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2BD00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2GS00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2GS00-2TC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2RS00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2AB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2FC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2FC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2TC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5632-2GS00-2AC2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5646-2GS00-2AC2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5721-1FC00-0AB0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5722-1FC00-0AB0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5734-1FX00-0AA0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / BFCClient
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-1 Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-7 LTE EU Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-7 LTE US Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-8 IRC Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1542SP-1 Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Machine Insight App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - OPC UA Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Opc Ua Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - PROFINET IO Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - SIMATIC S7 Connector App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Simatic S7 Connector App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Pro V1
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Pro V2
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Virtual
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Open PCS 7
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V8.2
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V9.0
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V9.1
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / ROX II Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM CROSSBOW Station Access Controller (SAC)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) EU
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) NAM
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE4G
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX MX5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX MX5000RE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1400
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1500
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1500 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1501
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1510
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1510 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1511
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1512
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1524
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1524 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1536
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RX1400 (Firmware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rm1224 Lte Eu
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rm1224 Lte Nam
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Mx5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1500
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1501
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1512
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M816-1 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M826-2 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M874-2 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M876-3 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M876-4 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE MUM856-1 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE S615
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE SC-600 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE SC622-2C
|
vers:unknown/* |
Multiple vulnerabilities affect the TCG TPM2.0 Reference implementation's CryptHmacSign function and various HPE servers, including local denial of service and out-of-bounds read issues, as detailed in Intel Security Advisory INTEL-SA-01209 and TCG advisories.
6.6 (Medium)
Affected products
Known affected
84 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Siemens / 6AG1206-2BB00-7AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1206-2Bs00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1208-0Ba00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1216-4Bs00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5204-0BA00-2GF2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5204-0BA00-2YF2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2AB2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2AB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2TB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BF00-2TB2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2BD00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2GS00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2GS00-2TC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2RS00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2AB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2FC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2FC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2TC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5632-2GS00-2AC2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5646-2GS00-2AC2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5721-1FC00-0AB0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5722-1FC00-0AB0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5734-1FX00-0AA0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / BFCClient
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-1 Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-7 LTE EU Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-7 LTE US Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-8 IRC Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1542SP-1 Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Machine Insight App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - OPC UA Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Opc Ua Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - PROFINET IO Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - SIMATIC S7 Connector App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Simatic S7 Connector App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Pro V1
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Pro V2
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Virtual
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Open PCS 7
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V8.2
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V9.0
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V9.1
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / ROX II Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM CROSSBOW Station Access Controller (SAC)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) EU
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) NAM
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE4G
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX MX5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX MX5000RE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1400
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1500
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1500 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1501
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1510
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1510 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1511
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1512
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1524
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1524 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1536
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RX1400 (Firmware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rm1224 Lte Eu
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rm1224 Lte Nam
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Mx5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1500
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1501
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1512
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M816-1 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M826-2 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M874-2 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M876-3 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M876-4 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE MUM856-1 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE S615
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE SC-600 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE SC622-2C
|
vers:unknown/* |
Critical vulnerabilities in Oracle Communications Cloud Native Core Unified Data Repository and Oracle Siebel CRM Cloud Applications allow unauthenticated attackers full system compromise, while multiple SQLite and MySQL flaws affect NetApp and other vendors, causing memory corruption and potential data breaches.
9.8 (Critical)
Affected products
Known affected
84 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Siemens / 6AG1206-2BB00-7AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1206-2Bs00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1208-0Ba00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1216-4Bs00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5204-0BA00-2GF2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5204-0BA00-2YF2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2AB2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2AB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2TB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BF00-2TB2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2BD00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2GS00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2GS00-2TC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2RS00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2AB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2FC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2FC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2TC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5632-2GS00-2AC2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5646-2GS00-2AC2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5721-1FC00-0AB0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5722-1FC00-0AB0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5734-1FX00-0AA0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / BFCClient
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-1 Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-7 LTE EU Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-7 LTE US Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-8 IRC Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1542SP-1 Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Machine Insight App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - OPC UA Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Opc Ua Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - PROFINET IO Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - SIMATIC S7 Connector App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Simatic S7 Connector App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Pro V1
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Pro V2
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Virtual
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Open PCS 7
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V8.2
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V9.0
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V9.1
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / ROX II Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM CROSSBOW Station Access Controller (SAC)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) EU
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) NAM
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE4G
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX MX5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX MX5000RE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1400
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1500
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1500 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1501
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1510
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1510 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1511
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1512
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1524
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1524 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1536
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RX1400 (Firmware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rm1224 Lte Eu
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rm1224 Lte Nam
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Mx5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1500
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1501
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1512
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M816-1 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M826-2 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M874-2 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M876-3 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M876-4 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE MUM856-1 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE S615
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE SC-600 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE SC622-2C
|
vers:unknown/* |
A vulnerability in multiple Siemens software products allows unauthenticated remote attackers to conduct man-in-the-middle attacks by exploiting improper validation of client certificates when connecting to the Analytics Service endpoint.
CWE-295 - Improper Certificate ValidationAffected products
Known affected
84 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Siemens / 6AG1206-2BB00-7AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1206-2Bs00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1208-0Ba00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1216-4Bs00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5204-0BA00-2GF2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5204-0BA00-2YF2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2AB2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2AB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2TB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BF00-2TB2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2BD00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2GS00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2GS00-2TC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2RS00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2AB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2FC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2FC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2TC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5632-2GS00-2AC2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5646-2GS00-2AC2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5721-1FC00-0AB0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5722-1FC00-0AB0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5734-1FX00-0AA0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / BFCClient
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-1 Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-7 LTE EU Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-7 LTE US Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-8 IRC Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1542SP-1 Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Machine Insight App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - OPC UA Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Opc Ua Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - PROFINET IO Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - SIMATIC S7 Connector App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Simatic S7 Connector App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Pro V1
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Pro V2
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Virtual
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Open PCS 7
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V8.2
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V9.0
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V9.1
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / ROX II Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM CROSSBOW Station Access Controller (SAC)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) EU
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) NAM
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE4G
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX MX5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX MX5000RE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1400
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1500
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1500 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1501
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1510
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1510 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1511
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1512
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1524
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1524 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1536
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RX1400 (Firmware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rm1224 Lte Eu
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rm1224 Lte Nam
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Mx5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1500
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1501
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1512
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M816-1 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M826-2 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M874-2 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M876-3 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M876-4 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE MUM856-1 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE S615
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE SC-600 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE SC622-2C
|
vers:unknown/* |
A vulnerability in SINEC NMS versions prior to V4.0 SP3 with UMC allows unauthenticated remote attackers to bypass authentication due to insufficient user identity validation in the UMC component.
7.3 (High)
Affected products
Known affected
84 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Siemens / 6AG1206-2BB00-7AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1206-2Bs00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1208-0Ba00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1216-4Bs00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5204-0BA00-2GF2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5204-0BA00-2YF2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2AB2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2AB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2TB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BF00-2TB2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2BD00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2GS00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2GS00-2TC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2RS00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2AB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2FC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2FC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2TC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5632-2GS00-2AC2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5646-2GS00-2AC2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5721-1FC00-0AB0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5722-1FC00-0AB0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5734-1FX00-0AA0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / BFCClient
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-1 Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-7 LTE EU Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-7 LTE US Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-8 IRC Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1542SP-1 Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Machine Insight App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - OPC UA Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Opc Ua Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - PROFINET IO Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - SIMATIC S7 Connector App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Simatic S7 Connector App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Pro V1
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Pro V2
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Virtual
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Open PCS 7
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V8.2
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V9.0
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V9.1
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / ROX II Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM CROSSBOW Station Access Controller (SAC)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) EU
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) NAM
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE4G
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX MX5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX MX5000RE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1400
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1500
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1500 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1501
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1510
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1510 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1511
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1512
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1524
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1524 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1536
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RX1400 (Firmware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rm1224 Lte Eu
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rm1224 Lte Nam
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Mx5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1500
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1501
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1512
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M816-1 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M826-2 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M874-2 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M876-3 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M876-4 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE MUM856-1 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE S615
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE SC-600 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE SC622-2C
|
vers:unknown/* |
A vulnerability in SINEC NMS versions prior to V4.0 SP3 enables an authenticated remote attacker to bypass authorization controls and reset any user account password.
8.8 (High)
Affected products
Known affected
84 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Siemens / 6AG1206-2BB00-7AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1206-2Bs00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1208-0Ba00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1216-4Bs00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5204-0BA00-2GF2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5204-0BA00-2YF2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2AB2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2AB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2TB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BF00-2TB2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2BD00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2GS00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2GS00-2TC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2RS00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2AB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2FC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2FC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2TC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5632-2GS00-2AC2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5646-2GS00-2AC2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5721-1FC00-0AB0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5722-1FC00-0AB0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5734-1FX00-0AA0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / BFCClient
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-1 Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-7 LTE EU Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-7 LTE US Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-8 IRC Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1542SP-1 Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Machine Insight App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - OPC UA Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Opc Ua Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - PROFINET IO Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - SIMATIC S7 Connector App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Simatic S7 Connector App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Pro V1
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Pro V2
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Virtual
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Open PCS 7
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V8.2
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V9.0
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V9.1
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / ROX II Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM CROSSBOW Station Access Controller (SAC)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) EU
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) NAM
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE4G
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX MX5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX MX5000RE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1400
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1500
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1500 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1501
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1510
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1510 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1511
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1512
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1524
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1524 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1536
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RX1400 (Firmware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rm1224 Lte Eu
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rm1224 Lte Nam
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Mx5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1500
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1501
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1512
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M816-1 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M826-2 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M874-2 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M876-3 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M876-4 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE MUM856-1 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE S615
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE SC-600 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE SC622-2C
|
vers:unknown/* |
A vulnerability in RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P) before version 5.8 allows authenticated User Administrators to escalate privileges and gain access to any device group at any access level.
8.8 (High)
Affected products
Known affected
84 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Siemens / 6AG1206-2BB00-7AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1206-2Bs00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1208-0Ba00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1216-4Bs00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5204-0BA00-2GF2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5204-0BA00-2YF2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2AB2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2AB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2TB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BF00-2TB2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2BD00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2GS00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2GS00-2TC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2RS00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2AB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2FC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2FC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2TC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5632-2GS00-2AC2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5646-2GS00-2AC2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5721-1FC00-0AB0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5722-1FC00-0AB0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5734-1FX00-0AA0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / BFCClient
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-1 Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-7 LTE EU Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-7 LTE US Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-8 IRC Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1542SP-1 Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Machine Insight App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - OPC UA Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Opc Ua Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - PROFINET IO Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - SIMATIC S7 Connector App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Simatic S7 Connector App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Pro V1
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Pro V2
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Virtual
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Open PCS 7
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V8.2
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V9.0
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V9.1
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / ROX II Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM CROSSBOW Station Access Controller (SAC)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) EU
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) NAM
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE4G
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX MX5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX MX5000RE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1400
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1500
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1500 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1501
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1510
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1510 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1511
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1512
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1524
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1524 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1536
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RX1400 (Firmware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rm1224 Lte Eu
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rm1224 Lte Nam
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Mx5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1500
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1501
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1512
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M816-1 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M826-2 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M874-2 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M876-3 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M876-4 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE MUM856-1 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE S615
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE SC-600 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE SC622-2C
|
vers:unknown/* |
A vulnerability in Industrial Edge Management Pro and Virtual allows unauthenticated remote attackers to bypass authentication and impersonate users by exploiting improperly enforced authentication on remote device connections when the feature is enabled and connection details are known.
7.1 (High)
Affected products
Known affected
84 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Siemens / 6AG1206-2BB00-7AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1206-2Bs00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1208-0Ba00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6Ag1216-4Bs00-7Ac2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5204-0BA00-2GF2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5204-0BA00-2YF2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2AB2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2AB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BB00-2TB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5205-3BF00-2TB2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2BD00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2GS00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2GS00-2TC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5206-2RS00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2AB2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0BA00-2FC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2AC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2FC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5208-0GA00-2TC2 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5632-2GS00-2AC2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5646-2GS00-2AC2 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5721-1FC00-0AB0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5722-1FC00-0AB0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / 6GK5734-1FX00-0AA0 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / BFCClient
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-1 Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-7 LTE EU Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-7 LTE US Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1243-8 IRC Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / CP 1542SP-1 Firmware (OS)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Machine Insight App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - OPC UA Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Opc Ua Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - PROFINET IO Connector
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - SIMATIC S7 Connector App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge - Simatic S7 Connector App
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Pro V1
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Pro V2
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Industrial Edge Management Virtual
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Open PCS 7
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V8.2
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V9.0
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / OpenPCS 7 V9.1
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / ROX II Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM CROSSBOW Station Access Controller (SAC)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) EU
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) NAM
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RM1224 LTE4G
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX MX5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX MX5000RE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1400
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1500
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1500 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1501
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1510
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1510 FIRMWARE
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1511
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1512
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1524
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1524 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX1536
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM ROX RX5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / RUGGEDCOM RX1400 (Firmware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rm1224 Lte Eu
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rm1224 Lte Nam
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Mx5000
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1500
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1501
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / Ruggedcom Rox Rx1512
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M816-1 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M826-2 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M874-2 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M876-3 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE M876-4 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE MUM856-1 (Hardware)
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE S615
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE SC-600 Firmware
|
vers:unknown/* | ||
|
vers:unknown/*
Siemens / SCALANCE SC622-2C
|
vers:unknown/* |
References
30 references
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Siemens heeft kwetsbaarheden verholpen in diverse producten zoals Analytics Toolkit, Ruggedcom, Industrial Edge Management Pro, SIDIS en TPM.\n\n\n",
"title": "Feiten"
},
{
"category": "description",
"text": "De kwetsbaarheden stellen een kwaadwillende mogelijk in staat aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n- Denial-of-Service (DoS)\n- Manipulatie van gegevens\n- Omzeilen van een beveiligingsmaatregel\n- (Remote) code execution (root/admin rechten)\n- Toegang tot systeemgegevens\n- Verhogen van rechten\n\nVoor succesvol misbruik van de genoemde kwetsbaarheden moet de kwaadwillende toegang hebben tot de productie-omgeving. Het is goed gebruik een dergelijke omgeving niet publiek toegankelijk te hebben.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Siemens heeft beveiligingsupdates uitgebracht om de kwetsbaarheden te verhelpen. Voor de kwetsbaarheden waar nog geen updates voor zijn, heeft Siemens mitigerende maatregelen gepubliceerd om de risico\u0027s zoveel als mogelijk te beperken. Zie de bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
"title": "CWE-74"
},
{
"category": "general",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
},
{
"category": "general",
"text": "Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
"title": "CWE-80"
},
{
"category": "general",
"text": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)",
"title": "CWE-99"
},
{
"category": "general",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "general",
"text": "Numeric Truncation Error",
"title": "CWE-197"
},
{
"category": "general",
"text": "Incorrect Privilege Assignment",
"title": "CWE-266"
},
{
"category": "general",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "general",
"text": "Improper Authentication",
"title": "CWE-287"
},
{
"category": "general",
"text": "Authentication Bypass by Spoofing",
"title": "CWE-290"
},
{
"category": "general",
"text": "Improper Certificate Validation",
"title": "CWE-295"
},
{
"category": "general",
"text": "Authentication Bypass by Primary Weakness",
"title": "CWE-305"
},
{
"category": "general",
"text": "Missing Authentication for Critical Function",
"title": "CWE-306"
},
{
"category": "general",
"text": "Improper Restriction of Excessive Authentication Attempts",
"title": "CWE-307"
},
{
"category": "general",
"text": "Use of a Broken or Risky Cryptographic Algorithm",
"title": "CWE-327"
},
{
"category": "general",
"text": "Insufficient Verification of Data Authenticity",
"title": "CWE-345"
},
{
"category": "general",
"text": "Origin Validation Error",
"title": "CWE-346"
},
{
"category": "general",
"text": "Improper Verification of Cryptographic Signature",
"title": "CWE-347"
},
{
"category": "general",
"text": "Improper Validation of Integrity Check Value",
"title": "CWE-354"
},
{
"category": "general",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "Authorization Bypass Through User-Controlled Key",
"title": "CWE-639"
},
{
"category": "general",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "general",
"text": "Inclusion of Functionality from Untrusted Control Sphere",
"title": "CWE-829"
},
{
"category": "general",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
},
{
"category": "general",
"text": "Missing Authorization",
"title": "CWE-862"
},
{
"category": "general",
"text": "Incorrect Authorization",
"title": "CWE-863"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-019200.html"
},
{
"category": "external",
"summary": "Reference",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-225816.html"
},
{
"category": "external",
"summary": "Reference",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-605717.html"
},
{
"category": "external",
"summary": "Reference",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-609469.html"
},
{
"category": "external",
"summary": "Reference",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-628843.html"
},
{
"category": "external",
"summary": "Reference",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-741509.html"
},
{
"category": "external",
"summary": "Reference",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-801704.html"
},
{
"category": "external",
"summary": "Reference",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-981622.html"
}
],
"title": "Kwetsbaarheden verholpen in Siemens producten",
"tracking": {
"current_release_date": "2026-04-14T11:37:21.682429Z",
"generator": {
"date": "2025-08-04T16:30:00Z",
"engine": {
"name": "V.A.",
"version": "1.3"
}
},
"id": "NCSC-2026-0112",
"initial_release_date": "2026-04-14T11:37:21.682429Z",
"revision_history": [
{
"date": "2026-04-14T11:37:21.682429Z",
"number": "1.0.0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-1"
}
}
],
"category": "product_name",
"name": "6AG1206-2BB00-7AC2 Firmware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-2"
}
}
],
"category": "product_name",
"name": "6Ag1206-2Bs00-7Ac2 Firmware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-3"
}
}
],
"category": "product_name",
"name": "6Ag1208-0Ba00-7Ac2 Firmware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-4"
}
}
],
"category": "product_name",
"name": "6Ag1216-4Bs00-7Ac2 Firmware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-5"
}
}
],
"category": "product_name",
"name": "6GK5204-0BA00-2GF2 Firmware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-6"
}
}
],
"category": "product_name",
"name": "6GK5204-0BA00-2YF2 Firmware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-7"
}
}
],
"category": "product_name",
"name": "6GK5205-3BB00-2AB2 FIRMWARE"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-8"
}
}
],
"category": "product_name",
"name": "6GK5205-3BB00-2AB2 Firmware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-9"
}
}
],
"category": "product_name",
"name": "6GK5205-3BB00-2TB2 Firmware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-10"
}
}
],
"category": "product_name",
"name": "6GK5205-3BF00-2TB2 FIRMWARE"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-11"
}
}
],
"category": "product_name",
"name": "6GK5206-2BD00-2AC2 Firmware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-12"
}
}
],
"category": "product_name",
"name": "6GK5206-2GS00-2AC2 Firmware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-13"
}
}
],
"category": "product_name",
"name": "6GK5206-2GS00-2TC2 Firmware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-14"
}
}
],
"category": "product_name",
"name": "6GK5206-2RS00-2AC2 Firmware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-15"
}
}
],
"category": "product_name",
"name": "6GK5208-0BA00-2AB2 Firmware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-16"
}
}
],
"category": "product_name",
"name": "6GK5208-0BA00-2AC2 Firmware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-17"
}
}
],
"category": "product_name",
"name": "6GK5208-0BA00-2FC2 Firmware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-18"
}
}
],
"category": "product_name",
"name": "6GK5208-0GA00-2AC2 Firmware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-19"
}
}
],
"category": "product_name",
"name": "6GK5208-0GA00-2FC2 Firmware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-20"
}
}
],
"category": "product_name",
"name": "6GK5208-0GA00-2TC2 Firmware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-21"
}
}
],
"category": "product_name",
"name": "6GK5632-2GS00-2AC2 FIRMWARE"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-22"
}
}
],
"category": "product_name",
"name": "6GK5646-2GS00-2AC2 FIRMWARE"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-23"
}
}
],
"category": "product_name",
"name": "6GK5721-1FC00-0AB0 FIRMWARE"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-24"
}
}
],
"category": "product_name",
"name": "6GK5722-1FC00-0AB0 FIRMWARE"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-25"
}
}
],
"category": "product_name",
"name": "6GK5734-1FX00-0AA0 FIRMWARE"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-26"
}
}
],
"category": "product_name",
"name": "BFCClient"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-27"
}
}
],
"category": "product_name",
"name": "CP 1243-1 Firmware (OS)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-28"
}
}
],
"category": "product_name",
"name": "CP 1243-7 LTE EU Firmware (OS)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-29"
}
}
],
"category": "product_name",
"name": "CP 1243-7 LTE US Firmware (OS)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-30"
}
}
],
"category": "product_name",
"name": "CP 1243-8 IRC Firmware (OS)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-31"
}
}
],
"category": "product_name",
"name": "CP 1542SP-1 Firmware (OS)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-32"
}
}
],
"category": "product_name",
"name": "Industrial Edge - Machine Insight App"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-33"
}
}
],
"category": "product_name",
"name": "Industrial Edge - OPC UA Connector"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-34"
}
}
],
"category": "product_name",
"name": "Industrial Edge - Opc Ua Connector"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-35"
}
}
],
"category": "product_name",
"name": "Industrial Edge - PROFINET IO Connector"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-36"
}
}
],
"category": "product_name",
"name": "Industrial Edge - SIMATIC S7 Connector App"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-37"
}
}
],
"category": "product_name",
"name": "Industrial Edge - Simatic S7 Connector App"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-38"
}
}
],
"category": "product_name",
"name": "Industrial Edge Management"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-39"
}
}
],
"category": "product_name",
"name": "Industrial Edge Management Pro V1"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-40"
}
}
],
"category": "product_name",
"name": "Industrial Edge Management Pro V2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-41"
}
}
],
"category": "product_name",
"name": "Industrial Edge Management Virtual"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-42"
}
}
],
"category": "product_name",
"name": "Open PCS 7"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-43"
}
}
],
"category": "product_name",
"name": "OpenPCS 7 V8.2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-44"
}
}
],
"category": "product_name",
"name": "OpenPCS 7 V9.0"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-45"
}
}
],
"category": "product_name",
"name": "OpenPCS 7 V9.1"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-46"
}
}
],
"category": "product_name",
"name": "ROX II Firmware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-47"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-48"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM CROSSBOW Station Access Controller (SAC)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-49"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RM1224 Firmware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-50"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RM1224 LTE(4G) EU"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-51"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-52"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RM1224 LTE(4G) NAM"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-53"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-54"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RM1224 LTE4G"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-55"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM ROX MX5000"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-56"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM ROX MX5000RE"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-57"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM ROX RX1400"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-58"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM ROX RX1500"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-59"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM ROX RX1500 FIRMWARE"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-60"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM ROX RX1501"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-61"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM ROX RX1510"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-62"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM ROX RX1510 FIRMWARE"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-63"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM ROX RX1511"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-64"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM ROX RX1512"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-65"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM ROX RX1524"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-66"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM ROX RX1524 (Hardware)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-67"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM ROX RX1536"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-68"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM ROX RX5000"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-69"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RX1400 (Firmware)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-70"
}
}
],
"category": "product_name",
"name": "Ruggedcom Rm1224 Lte Eu"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-71"
}
}
],
"category": "product_name",
"name": "Ruggedcom Rm1224 Lte Nam"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-72"
}
}
],
"category": "product_name",
"name": "Ruggedcom Rox Mx5000"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-73"
}
}
],
"category": "product_name",
"name": "Ruggedcom Rox Rx1500"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-74"
}
}
],
"category": "product_name",
"name": "Ruggedcom Rox Rx1501"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-75"
}
}
],
"category": "product_name",
"name": "Ruggedcom Rox Rx1512"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-76"
}
}
],
"category": "product_name",
"name": "SCALANCE M816-1 (Hardware)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-77"
}
}
],
"category": "product_name",
"name": "SCALANCE M826-2 (Hardware)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-78"
}
}
],
"category": "product_name",
"name": "SCALANCE M874-2 (Hardware)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-79"
}
}
],
"category": "product_name",
"name": "SCALANCE M876-3 (Hardware)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-80"
}
}
],
"category": "product_name",
"name": "SCALANCE M876-4 (Hardware)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-81"
}
}
],
"category": "product_name",
"name": "SCALANCE MUM856-1 (Hardware)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-82"
}
}
],
"category": "product_name",
"name": "SCALANCE S615"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-83"
}
}
],
"category": "product_name",
"name": "SCALANCE SC-600 Firmware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-84"
}
}
],
"category": "product_name",
"name": "SCALANCE SC622-2C"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-24588",
"cwe": {
"id": "CWE-306",
"name": "Missing Authentication for Critical Function"
},
"notes": [
{
"category": "other",
"text": "Missing Authentication for Critical Function",
"title": "CWE-306"
},
{
"category": "other",
"text": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)",
"title": "CWE-99"
},
{
"category": "other",
"text": "Use of a Broken or Risky Cryptographic Algorithm",
"title": "CWE-327"
},
{
"category": "description",
"text": "Multiple SUSE Linux Enterprise kernel updates across versions 11, 12, and 15 addressed critical security vulnerabilities including use-after-free, heap overflows, race conditions, side-channel leaks, and Wi-Fi protocol flaws, alongside extensive non-security bug fixes.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2020-24588 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2020/cve-2020-24588.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
}
],
"title": "CVE-2020-24588"
},
{
"cve": "CVE-2020-26139",
"cwe": {
"id": "CWE-829",
"name": "Inclusion of Functionality from Untrusted Control Sphere"
},
"notes": [
{
"category": "other",
"text": "Inclusion of Functionality from Untrusted Control Sphere",
"title": "CWE-829"
},
{
"category": "description",
"text": "Multiple security vulnerabilities affecting NetBSD and various SUSE Linux Enterprise kernel versions include flaws in BPF verifier, Bluetooth, Wi-Fi fragmentation, heap overflows, use-after-free bugs, and EAPOL frame handling, with extensive non-security fixes across drivers and subsystems.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2020-26139 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2020/cve-2020-26139.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
}
],
"title": "CVE-2020-26139"
},
{
"cve": "CVE-2020-26140",
"cwe": {
"id": "CWE-346",
"name": "Origin Validation Error"
},
"notes": [
{
"category": "other",
"text": "Origin Validation Error",
"title": "CWE-346"
},
{
"category": "other",
"text": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)",
"title": "CWE-99"
},
{
"category": "other",
"text": "Use of a Broken or Risky Cryptographic Algorithm",
"title": "CWE-327"
},
{
"category": "description",
"text": "Multiple vulnerabilities in WiFi protocols and drivers, including IEEE 802.11, ALFA Windows 10 driver 6.1316.1209 for AWUS036H, and Linux kernel implementations, allow attackers to inject arbitrary plaintext frames into protected networks across WPA3 and earlier standards.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2020-26140 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2020/cve-2020-26140.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
}
],
"title": "CVE-2020-26140"
},
{
"cve": "CVE-2020-26141",
"cwe": {
"id": "CWE-863",
"name": "Incorrect Authorization"
},
"notes": [
{
"category": "other",
"text": "Incorrect Authorization",
"title": "CWE-863"
},
{
"category": "other",
"text": "Improper Validation of Integrity Check Value",
"title": "CWE-354"
},
{
"category": "description",
"text": "Multiple security vulnerabilities including Wi-Fi fragmentation flaws, use-after-free, denial-of-service, BPF verifier bugs, heap overflows, and race conditions have been addressed across various SUSE Linux Enterprise kernel updates and an ALFA Windows 10 driver for AWUS036H, impacting WPA/WPA2 networks and kernel stability.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2020-26141 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2020/cve-2020-26141.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
}
],
"title": "CVE-2020-26141"
},
{
"cve": "CVE-2020-26143",
"cwe": {
"id": "CWE-346",
"name": "Origin Validation Error"
},
"notes": [
{
"category": "other",
"text": "Origin Validation Error",
"title": "CWE-346"
},
{
"category": "other",
"text": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)",
"title": "CWE-99"
},
{
"category": "description",
"text": "Multiple vulnerabilities in Linux kernel, ALFA Windows 10 driver for AWUS036ACH, and IEEE 802.11 protocols allow attackers to inject malicious WiFi frames and exfiltrate data across WEP, CCMP, GCMP, WPA3, and protected networks.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2020-26143 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2020/cve-2020-26143.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
}
],
"title": "CVE-2020-26143"
},
{
"cve": "CVE-2020-26144",
"cwe": {
"id": "CWE-290",
"name": "Authentication Bypass by Spoofing"
},
"notes": [
{
"category": "other",
"text": "Authentication Bypass by Spoofing",
"title": "CWE-290"
},
{
"category": "description",
"text": "Multiple vulnerabilities affect Samsung Galaxy S3 i9305 devices, Linux kernel WiFi implementations, and Windows Wireless Networking, allowing attackers to inject or spoof network packets by exploiting acceptance of plaintext A-MSDU frames with valid RFC1042 headers for EAPOL.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2020-26144 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2020/cve-2020-26144.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
}
],
"title": "CVE-2020-26144"
},
{
"cve": "CVE-2020-26146",
"cwe": {
"id": "CWE-307",
"name": "Improper Restriction of Excessive Authentication Attempts"
},
"notes": [
{
"category": "other",
"text": "Improper Restriction of Excessive Authentication Attempts",
"title": "CWE-307"
},
{
"category": "other",
"text": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)",
"title": "CWE-99"
},
{
"category": "description",
"text": "Multiple vulnerabilities in WiFi implementations, including IEEE 802.11 standards and specific devices like Samsung Galaxy S3 i9305 on Android 4.4.4, allow attackers to inject malicious frames and exfiltrate data via fragmented frame reassembly flaws affecting WEP, WPA, WPA2, WPA3, CCMP, and GCMP protocols.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2020-26146 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2020/cve-2020-26146.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
}
],
"title": "CVE-2020-26146"
},
{
"cve": "CVE-2020-26147",
"cwe": {
"id": "CWE-307",
"name": "Improper Restriction of Excessive Authentication Attempts"
},
"notes": [
{
"category": "other",
"text": "Improper Restriction of Excessive Authentication Attempts",
"title": "CWE-307"
},
{
"category": "other",
"text": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)",
"title": "CWE-99"
},
{
"category": "description",
"text": "Multiple SUSE Linux Enterprise kernel updates across versions 12, 15, and LTSS address critical security vulnerabilities including use-after-free, heap overflows, race conditions, and Wi-Fi protocol flaws, alongside extensive non-security bug fixes.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2020-26147 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2020/cve-2020-26147.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
}
],
"title": "CVE-2020-26147"
},
{
"cve": "CVE-2021-3712",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "description",
"text": "Multiple OpenSSL versions prior to 1.1.1l and 1.0.2za contain buffer overrun and memory disclosure vulnerabilities in ASN.1 string processing, affecting various products including Oracle Siebel CRM, Oracle Communications, NetApp, HPE, and Solarwinds, with CVSS scores up to 7.4.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2021-3712 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2021/cve-2021-3712.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
}
],
"title": "CVE-2021-3712"
},
{
"cve": "CVE-2022-0778",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "other",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
},
{
"category": "description",
"text": "A critical vulnerability in OpenSSL\u0027s BN_mod_sqrt() function causes infinite loops when parsing crafted certificates with invalid elliptic curve parameters, leading to denial of service across multiple OpenSSL versions and affecting various products including Node.js, Oracle, SAP, and NetApp.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-0778 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2022/cve-2022-0778.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
}
],
"title": "CVE-2022-0778"
},
{
"cve": "CVE-2022-31765",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"notes": [
{
"category": "other",
"text": "Missing Authorization",
"title": "CWE-862"
},
{
"category": "description",
"text": "A vulnerability in the web interface\u0027s change password function allows low privileged users on affected devices to escalate their privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-31765 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2022/cve-2022-31765.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
}
],
"title": "CVE-2022-31765"
},
{
"cve": "CVE-2022-36323",
"notes": [
{
"category": "description",
"text": "Siemens products including SCALANCE, SICAM, Tecnomatix, SITOP, and PowerSys contain vulnerabilities allowing authenticated remote attackers with administrative privileges to inject code or gain root shell access due to improper input sanitization.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-36323 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2022/cve-2022-36323.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
}
],
"title": "CVE-2022-36323"
},
{
"cve": "CVE-2022-36324",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "description",
"text": "Affected devices improperly handle SSL/TLS renegotiation, allowing unauthenticated remote attackers to bypass TCP brute force protections and cause denial of service during the attack.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-36324 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2022/cve-2022-36324.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
}
],
"title": "CVE-2022-36324"
},
{
"cve": "CVE-2022-36325",
"cwe": {
"id": "CWE-80",
"name": "Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
"title": "CWE-80"
},
{
"category": "description",
"text": "Affected devices improperly sanitize user input in their web interface, enabling an authenticated remote attacker with administrative privileges to execute a DOM-based cross-site scripting (XSS) attack.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-36325 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2022/cve-2022-36325.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
}
],
"title": "CVE-2022-36325"
},
{
"cve": "CVE-2023-44373",
"notes": [
{
"category": "description",
"text": "Multiple Siemens RUGGEDCOM and SCALANCE devices below versions V8.0 or V2.4.0 contain vulnerabilities allowing authenticated admin users to execute code or spawn root shells due to improper input sanitization, related to CVE-2022-36323.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-44373 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-44373.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
}
],
"title": "CVE-2023-44373"
},
{
"cve": "CVE-2025-2884",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "description",
"text": "Multiple vulnerabilities affect the TCG TPM2.0 Reference implementation\u0027s CryptHmacSign function and various HPE servers, including local denial of service and out-of-bounds read issues, as detailed in Intel Security Advisory INTEL-SA-01209 and TCG advisories.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-2884 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-2884.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
}
],
"title": "CVE-2025-2884"
},
{
"cve": "CVE-2025-6965",
"cwe": {
"id": "CWE-197",
"name": "Numeric Truncation Error"
},
"notes": [
{
"category": "other",
"text": "Numeric Truncation Error",
"title": "CWE-197"
},
{
"category": "description",
"text": "Critical vulnerabilities in Oracle Communications Cloud Native Core Unified Data Repository and Oracle Siebel CRM Cloud Applications allow unauthenticated attackers full system compromise, while multiple SQLite and MySQL flaws affect NetApp and other vendors, causing memory corruption and potential data breaches.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:L/U:Green",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-6965 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-6965.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
}
],
"title": "CVE-2025-6965"
},
{
"cve": "CVE-2025-40745",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Certificate Validation",
"title": "CWE-295"
},
{
"category": "description",
"text": "A vulnerability in multiple Siemens software products allows unauthenticated remote attackers to conduct man-in-the-middle attacks by exploiting improper validation of client certificates when connecting to the Analytics Service endpoint.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-40745 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-40745.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
}
],
"title": "CVE-2025-40745"
},
{
"cve": "CVE-2026-24032",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"notes": [
{
"category": "other",
"text": "Improper Verification of Cryptographic Signature",
"title": "CWE-347"
},
{
"category": "description",
"text": "A vulnerability in SINEC NMS versions prior to V4.0 SP3 with UMC allows unauthenticated remote attackers to bypass authentication due to insufficient user identity validation in the UMC component.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-24032 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-24032.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
}
],
"title": "CVE-2026-24032"
},
{
"cve": "CVE-2026-25654",
"cwe": {
"id": "CWE-639",
"name": "Authorization Bypass Through User-Controlled Key"
},
"notes": [
{
"category": "other",
"text": "Authorization Bypass Through User-Controlled Key",
"title": "CWE-639"
},
{
"category": "description",
"text": "A vulnerability in SINEC NMS versions prior to V4.0 SP3 enables an authenticated remote attacker to bypass authorization controls and reset any user account password.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-25654 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-25654.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
}
],
"title": "CVE-2026-25654"
},
{
"cve": "CVE-2026-27668",
"cwe": {
"id": "CWE-266",
"name": "Incorrect Privilege Assignment"
},
"notes": [
{
"category": "other",
"text": "Incorrect Privilege Assignment",
"title": "CWE-266"
},
{
"category": "description",
"text": "A vulnerability in RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P) before version 5.8 allows authenticated User Administrators to escalate privileges and gain access to any device group at any access level.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-27668 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-27668.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
}
],
"title": "CVE-2026-27668"
},
{
"cve": "CVE-2026-33892",
"cwe": {
"id": "CWE-305",
"name": "Authentication Bypass by Primary Weakness"
},
"notes": [
{
"category": "other",
"text": "Authentication Bypass by Primary Weakness",
"title": "CWE-305"
},
{
"category": "description",
"text": "A vulnerability in Industrial Edge Management Pro and Virtual allows unauthenticated remote attackers to bypass authentication and impersonate users by exploiting improperly enforced authentication on remote device connections when the feature is enabled and connection details are known.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-33892 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-33892.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36",
"CSAFPID-37",
"CSAFPID-38",
"CSAFPID-39",
"CSAFPID-40",
"CSAFPID-41",
"CSAFPID-42",
"CSAFPID-43",
"CSAFPID-44",
"CSAFPID-45",
"CSAFPID-46",
"CSAFPID-47",
"CSAFPID-48",
"CSAFPID-49",
"CSAFPID-50",
"CSAFPID-51",
"CSAFPID-52",
"CSAFPID-53",
"CSAFPID-54",
"CSAFPID-55",
"CSAFPID-56",
"CSAFPID-57",
"CSAFPID-58",
"CSAFPID-59",
"CSAFPID-60",
"CSAFPID-61",
"CSAFPID-62",
"CSAFPID-63",
"CSAFPID-64",
"CSAFPID-65",
"CSAFPID-66",
"CSAFPID-67",
"CSAFPID-68",
"CSAFPID-69",
"CSAFPID-70",
"CSAFPID-71",
"CSAFPID-72",
"CSAFPID-73",
"CSAFPID-74",
"CSAFPID-75",
"CSAFPID-76",
"CSAFPID-77",
"CSAFPID-78",
"CSAFPID-79",
"CSAFPID-80",
"CSAFPID-81",
"CSAFPID-82",
"CSAFPID-83",
"CSAFPID-84"
]
}
],
"title": "CVE-2026-33892"
}
]
}
RHSA-2021:4140
Vulnerability from csaf_redhat - Published: 2021-11-09 17:26 - Updated: 2026-06-02 15:43Summary
Red Hat Security Advisory: kernel-rt security and bug fix update
Severity
Moderate
Notes
Topic: An update for kernel-rt is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
* kernel: out-of-bounds reads in pinctrl subsystem. (CVE-2020-0427)
* kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers (CVE-2020-24502)
* kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers (CVE-2020-24503)
* kernel: Uncontrolled resource consumption in some Intel(R) Ethernet E810 Adapter drivers (CVE-2020-24504)
* kernel: Fragmentation cache not cleared on reconnection (CVE-2020-24586)
* kernel: Reassembling fragments encrypted under different keys (CVE-2020-24587)
* kernel: wifi frame payload being parsed incorrectly as an L2 frame (CVE-2020-24588)
* kernel: Forwarding EAPOL from unauthenticated wifi client (CVE-2020-26139)
* kernel: accepting plaintext data frames in protected networks (CVE-2020-26140)
* kernel: not verifying TKIP MIC of fragmented frames (CVE-2020-26141)
* kernel: accepting fragmented plaintext frames in protected networks (CVE-2020-26143)
* kernel: accepting unencrypted A-MSDU frames that start with RFC1042 header (CVE-2020-26144)
* kernel: accepting plaintext broadcast fragments as full frames (CVE-2020-26145)
* kernel: locking inconsistency in tty_io.c and tty_jobctrl.c can lead to a read-after-free (CVE-2020-29660)
* kernel: buffer overflow in mwifiex_cmd_802_11_ad_hoc_start function via a long SSID value (CVE-2020-36158)
* kernel: slab out-of-bounds read in hci_extended_inquiry_result_evt() (CVE-2020-36386)
* kernel: Improper access control in BlueZ may allow information disclosure vulnerability. (CVE-2021-0129)
* kernel: Use-after-free in ndb_queue_rq() (CVE-2021-3348)
* kernel: Linux kernel eBPF RINGBUF map oversized allocation (CVE-2021-3489)
* kernel: double free in bluetooth subsystem when the HCI device initialization fails (CVE-2021-3564)
* kernel: use-after-free in function hci_sock_bound_ioctl() (CVE-2021-3573)
* kernel: eBPF 32-bit source register truncation on div/mod (CVE-2021-3600)
* kernel: DoS in rb_per_cpu_empty() (CVE-2021-3679)
* kernel: overlayfs: Mounting overlayfs inside an unprivileged user namespace can reveal files (CVE-2021-3732)
* kernel: heap overflow in __cgroup_bpf_run_filter_getsockopt() (CVE-2021-20194)
* kernel: Race condition in sctp_destroy_sock list_del (CVE-2021-23133)
* kernel: fuse: stall on CPU can occur because a retry loop continually finds the same bad inode (CVE-2021-28950)
* kernel: System crash in intel_pmu_drain_pebs_nhm (CVE-2021-28971)
* kernel: protection for sequences of pointer arithmetic operations against speculatively out-of-bounds loads can be bypassed to leak content of kernel memory (CVE-2021-29155)
* kernel: improper input validation in tipc_nl_retrieve_key function (CVE-2021-29646)
* kernel: lack a full memory barrier upon the assignment of a new table value in x_tables.h may lead to DoS (CVE-2021-29650)
* kernel: local escalation of privileges in handling of eBPF programs (CVE-2021-31440)
* kernel: protection of stack pointer against speculative pointer arithmetic can be bypassed to leak content of kernel memory (CVE-2021-31829)
* kernel: out-of-bounds reads and writes due to enforcing incorrect limits for pointer arithmetic operations by BPF verifier (CVE-2021-33200)
* kernel: reassembling encrypted fragments with non-consecutive packet numbers (CVE-2020-26146)
* kernel: reassembling mixed encrypted/plaintext fragments (CVE-2020-26147)
* kernel: the copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check (CVE-2020-29368)
* kernel: flowtable list del corruption with kernel BUG (CVE-2021-3635)
* kernel: NULL pointer dereference in llsec_key_alloc() (CVE-2021-3659)
* kernel: setsockopt System Call Untrusted Pointer Dereference Information Disclosure (CVE-2021-20239)
* kernel: out of bounds array access in drivers/md/dm-ioctl.c (CVE-2021-31916)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
An information disclosure flaw was found in the Linux kernel. The i915 graphics driver lacks control of flow for data structures which may allow a local, authenticated user to disclose information when using ioctl commands with an attached i915 device. The highest threat from this vulnerability is to data confidentiality.
5.5 (Medium)
Affected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the Linux pinctrl system. It is possible to trigger an of bounds read due to a use after free. This could lead to local information disclosure with no additional execution privileges needed.
5.5 (Medium)
Affected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
Improper input validation in some Intel(R) Ethernet E810 Adapter drivers for Linux may allow an authenticated user to potentially enable a denial of service via local access.
5.5 (Medium)
Affected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers for Linux may allow an authenticated user to potentially enable information disclosure via local access.
5.5 (Medium)
Affected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
An uncontrolled resource consumption in some Intel(R) Ethernet E810 Adapter drivers for Linux may allow an authenticated user to potentially cause a denial of service via local access.
5.5 (Medium)
Affected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the Linux kernels implementation of wifi fragmentation handling. An attacker with the ability to transmit within the wireless transmission range of an access point can abuse a flaw where previous contents of wifi fragments can be unintentionally transmitted to another device.
4.3 (Medium)
Affected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the Linux kernel's WiFi implementation. An attacker within the wireless range can abuse a logic flaw in the WiFi implementation by reassembling packets from multiple fragments under different keys, treating them as valid. This flaw allows an attacker to send a fragment under an incorrect key, treating them as a valid fragment under the new key. The highest threat from this vulnerability is to confidentiality.
CWE-345 - Insufficient Verification of Data AuthenticityAffected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the Linux kernels wifi implementation. An attacker within wireless broadcast range can inject custom data into the wireless communication circumventing checks on the data. This can cause the frame to pass checks and be considered a valid frame of a different type.
4.3 (Medium)
Affected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
Frames used for authentication and key management between the AP and connected clients. Some clients may take these redirected frames masquerading as control mechanisms from the AP.
CWE-829 - Inclusion of Functionality from Untrusted Control SphereAffected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A vulnerability was found in Linux kernel. Where the WiFi implementations accept plaintext frames in a protected WiFi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.
6.5 (Medium)
Affected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A vulnerability was found in Linux kernel's WiFi implementation. An attacker within wireless range can inject a control packet fragment where the kernel does not verify the Message Integrity Check (authenticity) of fragmented TKIP frames.
6.5 (Medium)
Affected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A vulnerability was found in Linux kernel, where the WiFi implementations assemble fragments even though some of them were sent in plaintext. This vulnerability can be abused to inject packets and/or exfiltrate selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used.
6.5 (Medium)
Affected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the Linux kernel, where the WiFi implementations accept plaintext A-MSDU frames as long as the first 8 bytes correspond to a valid RFC1042 (ex., LLC/SNAP) header for EAPOL. The highest threat from this vulnerability is to integrity.
6.5 (Medium)
Affected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in ath10k_htt_rx_proc_rx_frag_ind_hl in drivers/net/wireless/ath/ath10k/htt_rx.c in the Linux kernel WiFi implementations, where it accepts a second (or subsequent) broadcast fragments even when sent in plaintext and then process them as full unfragmented frames. The highest threat from this vulnerability is to integrity.
6.5 (Medium)
Affected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A vulnerability was found in Linux kernel, where the WiFi implementation reassemble fragments with non-consecutive packet numbers. An adversary can abuse this to exfiltrate selected fragments. This vulnerability is exploitable when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used. Note that WEP is vulnerable to this attack by design.
5.3 (Medium)
Affected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Low
A flaw was found in ieee80211_rx_h_defragment in net/mac80211/rx.c in the Linux Kernel's WiFi implementation. This vulnerability can be abused to inject packets or exfiltrate selected fragments when another device sends fragmented frames, and the WEP, CCMP, or GCMP data-confidentiality protocol is used. The highest threat from this vulnerability is to integrity.
5.4 (Medium)
Affected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Low
An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the Linux kernel. The copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check.
7.0 (High)
Affected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel. A local user could use this flaw to read numerical value from memory after free.
4.4 (Medium)
Affected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the Linux kernel. The marvell wifi driver could allow a local attacker to execute arbitrary code via a long SSID value in mwifiex_cmd_802_11_ad_hoc_start function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
6.7 (Medium)
Affected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the KVM hypervisor of the Linux kernel. A memory leak could occur in kvm_io_bus_unregister_dev() upon a kmalloc failure. The highest threat from this vulnerability is to system availability.
CWE-772 - Missing Release of Resource after Effective LifetimeAffected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Low
A flaw out of bounds memory access in the Linux kernel bluetooth subsystem was found in the way when some data being read about the bluetooth device with the hci_extended_inquiry_result_evt call. A local user could use this flaw to crash the system or read some data out of memory bounds that can lead to data confidentiality threat.
7.1 (High)
Affected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the Linux kernel. Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access. The highest threat from this vulnerability is to data confidentiality and integrity.
6.4 (Medium)
Affected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A use after free flaw in the Linux kernel network block device (NBD) subsystem was found in the way user calls an ioctl NBD_SET_SOCK at a certain point during device setup.
7.0 (High)
Affected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw out of bound memory write in the Linux kernel BPF subsystem was found in the way user writes to BPF ring buffer too fast, so larger buffer than available memory could be allocated. A local user could use this flaw to crash the system or possibly escalate their privileges on the system.
7.8 (High)
Affected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. A local user could use this flaw to crash the system.
6.3 (Medium)
Affected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR or other way triggers race condition of the call hci_unregister_dev() together with one of the calls hci_sock_blacklist_add(), hci_sock_blacklist_del(), hci_get_conn_info(), hci_get_auth_info(). A privileged local user could use this flaw to crash the system or escalate their privileges on the system.
6.7 (Medium)
Affected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the Linux kernel’s eBPF verification code, where the eBPF 32-bit div/mod source register truncation could lead to out-of-bounds reads and writes. By default, accessing the eBPF verifier is only possible to privileged users with CAP_SYS_ADMIN. This flaw allows a local user who can run eBPF instructions to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
7.8 (High)
Affected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the Linux kernel netfilter implementation. A user with root (CAP_SYS_ADMIN) access is able to panic the system when issuing netfilter netflow commands
4.1 (Medium)
Affected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Low
A NULL pointer dereference flaw was found in the Linux kernel’s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection. This flaw allows a local user to crash the system. The highest threat from this vulnerability is to system availability.
5.5 (Medium)
Affected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Low
A lack of CPU resources in the Linux kernel tracing module functionality was found in the way users use the trace ring buffer in specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.
5.5 (Medium)
Affected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the Linux kernel’s OverlayFS subsystem in the way the user mounts the TmpFS filesystem with OverlayFS. This flaw allows a local user to gain access to hidden files that should not be accessible.
CWE-200 - Exposure of Sensitive Information to an Unauthorized ActorAffected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw buffer overflow in the Linux kernel BPF subsystem was found in the way user running BPF script calling getsockopt. A local user could use this flaw to crash the system or possibly escalate their privileges on the system.
7.0 (High)
Affected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the BPF protocol. This flaw allows an attacker with a local account to leak information about kernel internal addresses. The highest threat from this vulnerability is to confidentiality.
CWE-822 - Untrusted Pointer DereferenceAffected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Low
A use-after-free flaw was found in the Linux kernel's SCTP socket functionality that triggers a race condition. This flaw allows a local user to escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
7.0 (High)
Affected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A denial of service in the kernel side of the FUSE functionality can allow a local system to create a denial of service.
5.5 (Medium)
Affected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the Linux kernel. On some Haswell CPUs, userspace applications (such as perf-fuzzer) can cause a system crash because the PEBS status in a PEBS record is mishandled.
4.7 (Medium)
Affected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A vulnerability was discovered in retrieve_ptr_limit in kernel/bpf/verifier.c in the Linux kernel mechanism to mitigate speculatively out-of-bounds loads (Spectre mitigation). In this flaw a local, special user privileged (CAP_SYS_ADMIN) BPF program running on affected systems may bypass the protection, and execute speculatively out-of-bounds loads from the kernel memory. This can be abused to extract contents of kernel memory via side-channel.
4.4 (Medium)
Affected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw buffer overflow in the Linux kernel TIPC protocol functionality was found in the way user uses protocol with encryption enabled. A local user could use this flaw to crash the system.
5.5 (Medium)
Affected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A denial-of-service (DoS) flaw was identified in the Linux kernel due to an incorrect memory barrier in xt_replace_table in net/netfilter/x_tables.c in the netfilter subsystem.
5.5 (Medium)
Affected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
An out-of-bounds access flaw was found in the Linux kernel’s implementation of the eBPF code verifier, where an incorrect register bounds calculation while checking unsigned 32-bit instructions in an eBPF program occurs.. By default accessing the eBPF verifier is only accessible to privileged users with CAP_SYS_ADMIN. The issue results from the lack of proper validation of user-supplied eBPF programs prior to executing them. A local user could use this flaw to crash the system or possibly escalate their privileges on the system.
7.0 (High)
Affected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the Linux kernel's eBPF verification code. By default, accessing the eBPF verifier is only accessible to privileged users with CAP_SYS_ADMIN. This flaw allows a local user who can insert eBPF instructions, to use the eBPF verifier to abuse a spectre-like flaw and infer all system memory. The highest threat from this vulnerability is to confidentiality.
6.2 (Medium)
Affected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
An out-of-bounds (OOB) memory write flaw was found in list_devices in drivers/md/dm-ioctl.c in the Multi-device driver module in the Linux kernel. A bound check failure allows an attacker with special user (CAP_SYS_ADMIN) privilege to gain access to out-of-bounds memory leading to a system crash, a leak of internal kernel information, or a privilege escalation problem.
6.7 (Medium)
Affected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Low
A flaw use-after-free in the Linux kernel CIPSO network packet labeling protocol functionality was found in the way user open local network connection with the usage of the security labeling that is IP option number 134. A local user could use this flaw to crash the system or possibly escalate their privileges on the system.
7.8 (High)
Affected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in kernel/bpf/verifier.c in BPF in the Linux kernel. An incorrect limit is enforced for pointer arithmetic operations which can be abused to perform out-of-bounds reads and writes in kernel memory, leading to local privilege escalation. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
7.8 (High)
Affected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A vulnerability was found in the Linux kernel. This flaw occurs due to an unconditional NULL-pointer dereference on every disconnect in the Linux kernel.
5.5 (Medium)
Affected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Low
A flaw was found in the Linux kernel’s sysfs layer. This flaw allows a local user who can read files under the /sysfs mount point to corrupt memory or possibly crash the system.
6.4 (Medium)
Affected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
263 references
Acknowledgments
Ryota Shiga
ckSec
HaoXiong, LinMa
Chaitin Tech
Haoran Luo
Red Hat
Miklos Szeredi
Loris Reiff
Palo Alto Networks
Or Cohen
RedRocket CTF team
Manfred Paul
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for kernel-rt is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n* kernel: out-of-bounds reads in pinctrl subsystem. (CVE-2020-0427)\n* kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers (CVE-2020-24502)\n* kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers (CVE-2020-24503)\n* kernel: Uncontrolled resource consumption in some Intel(R) Ethernet E810 Adapter drivers (CVE-2020-24504)\n* kernel: Fragmentation cache not cleared on reconnection (CVE-2020-24586)\n* kernel: Reassembling fragments encrypted under different keys (CVE-2020-24587)\n* kernel: wifi frame payload being parsed incorrectly as an L2 frame (CVE-2020-24588)\n* kernel: Forwarding EAPOL from unauthenticated wifi client (CVE-2020-26139)\n* kernel: accepting plaintext data frames in protected networks (CVE-2020-26140)\n* kernel: not verifying TKIP MIC of fragmented frames (CVE-2020-26141)\n* kernel: accepting fragmented plaintext frames in protected networks (CVE-2020-26143)\n* kernel: accepting unencrypted A-MSDU frames that start with RFC1042 header (CVE-2020-26144)\n* kernel: accepting plaintext broadcast fragments as full frames (CVE-2020-26145)\n* kernel: locking inconsistency in tty_io.c and tty_jobctrl.c can lead to a read-after-free (CVE-2020-29660)\n* kernel: buffer overflow in mwifiex_cmd_802_11_ad_hoc_start function via a long SSID value (CVE-2020-36158)\n* kernel: slab out-of-bounds read in hci_extended_inquiry_result_evt() (CVE-2020-36386)\n* kernel: Improper access control in BlueZ may allow information disclosure vulnerability. (CVE-2021-0129)\n* kernel: Use-after-free in ndb_queue_rq() (CVE-2021-3348)\n* kernel: Linux kernel eBPF RINGBUF map oversized allocation (CVE-2021-3489)\n* kernel: double free in bluetooth subsystem when the HCI device initialization fails (CVE-2021-3564)\n* kernel: use-after-free in function hci_sock_bound_ioctl() (CVE-2021-3573)\n* kernel: eBPF 32-bit source register truncation on div/mod (CVE-2021-3600)\n* kernel: DoS in rb_per_cpu_empty() (CVE-2021-3679)\n* kernel: overlayfs: Mounting overlayfs inside an unprivileged user namespace can reveal files (CVE-2021-3732)\n* kernel: heap overflow in __cgroup_bpf_run_filter_getsockopt() (CVE-2021-20194)\n* kernel: Race condition in sctp_destroy_sock list_del (CVE-2021-23133)\n* kernel: fuse: stall on CPU can occur because a retry loop continually finds the same bad inode (CVE-2021-28950)\n* kernel: System crash in intel_pmu_drain_pebs_nhm (CVE-2021-28971)\n* kernel: protection for sequences of pointer arithmetic operations against speculatively out-of-bounds loads can be bypassed to leak content of kernel memory (CVE-2021-29155)\n* kernel: improper input validation in tipc_nl_retrieve_key function (CVE-2021-29646)\n* kernel: lack a full memory barrier upon the assignment of a new table value in x_tables.h may lead to DoS (CVE-2021-29650)\n* kernel: local escalation of privileges in handling of eBPF programs (CVE-2021-31440)\n* kernel: protection of stack pointer against speculative pointer arithmetic can be bypassed to leak content of kernel memory (CVE-2021-31829)\n* kernel: out-of-bounds reads and writes due to enforcing incorrect limits for pointer arithmetic operations by BPF verifier (CVE-2021-33200)\n* kernel: reassembling encrypted fragments with non-consecutive packet numbers (CVE-2020-26146)\n* kernel: reassembling mixed encrypted/plaintext fragments (CVE-2020-26147)\n* kernel: the copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check (CVE-2020-29368)\n* kernel: flowtable list del corruption with kernel BUG (CVE-2021-3635)\n* kernel: NULL pointer dereference in llsec_key_alloc() (CVE-2021-3659)\n* kernel: setsockopt System Call Untrusted Pointer Dereference Information Disclosure (CVE-2021-20239)\n* kernel: out of bounds array access in drivers/md/dm-ioctl.c (CVE-2021-31916)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:4140",
"url": "https://access.redhat.com/errata/RHSA-2021:4140"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.5_release_notes/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.5_release_notes/"
},
{
"category": "external",
"summary": "1875275",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1875275"
},
{
"category": "external",
"summary": "1902412",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902412"
},
{
"category": "external",
"summary": "1903244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1903244"
},
{
"category": "external",
"summary": "1905747",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1905747"
},
{
"category": "external",
"summary": "1906522",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1906522"
},
{
"category": "external",
"summary": "1912683",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1912683"
},
{
"category": "external",
"summary": "1913348",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913348"
},
{
"category": "external",
"summary": "1919893",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1919893"
},
{
"category": "external",
"summary": "1921958",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1921958"
},
{
"category": "external",
"summary": "1923636",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1923636"
},
{
"category": "external",
"summary": "1930376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930376"
},
{
"category": "external",
"summary": "1930379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930379"
},
{
"category": "external",
"summary": "1930381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930381"
},
{
"category": "external",
"summary": "1941762",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1941762"
},
{
"category": "external",
"summary": "1941784",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1941784"
},
{
"category": "external",
"summary": "1945345",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1945345"
},
{
"category": "external",
"summary": "1945388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1945388"
},
{
"category": "external",
"summary": "1946965",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1946965"
},
{
"category": "external",
"summary": "1948772",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1948772"
},
{
"category": "external",
"summary": "1951595",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951595"
},
{
"category": "external",
"summary": "1957788",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1957788"
},
{
"category": "external",
"summary": "1959559",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1959559"
},
{
"category": "external",
"summary": "1959642",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1959642"
},
{
"category": "external",
"summary": "1959654",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1959654"
},
{
"category": "external",
"summary": "1959657",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1959657"
},
{
"category": "external",
"summary": "1959663",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1959663"
},
{
"category": "external",
"summary": "1960490",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1960490"
},
{
"category": "external",
"summary": "1960492",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1960492"
},
{
"category": "external",
"summary": "1960496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1960496"
},
{
"category": "external",
"summary": "1960498",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1960498"
},
{
"category": "external",
"summary": "1960500",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1960500"
},
{
"category": "external",
"summary": "1960502",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1960502"
},
{
"category": "external",
"summary": "1960504",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1960504"
},
{
"category": "external",
"summary": "1964028",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964028"
},
{
"category": "external",
"summary": "1964139",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964139"
},
{
"category": "external",
"summary": "1965038",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1965038"
},
{
"category": "external",
"summary": "1965458",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1965458"
},
{
"category": "external",
"summary": "1966578",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966578"
},
{
"category": "external",
"summary": "1969489",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1969489"
},
{
"category": "external",
"summary": "1975949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1975949"
},
{
"category": "external",
"summary": "1976946",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1976946"
},
{
"category": "external",
"summary": "1981954",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981954"
},
{
"category": "external",
"summary": "1989165",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1989165"
},
{
"category": "external",
"summary": "1995249",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995249"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_4140.json"
}
],
"title": "Red Hat Security Advisory: kernel-rt security and bug fix update",
"tracking": {
"current_release_date": "2026-06-02T15:43:46+00:00",
"generator": {
"date": "2026-06-02T15:43:46+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2021:4140",
"initial_release_date": "2021-11-09T17:26:23+00:00",
"revision_history": [
{
"date": "2021-11-09T17:26:23+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-11-09T17:26:23+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-02T15:43:46+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.5.0.GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::nfv"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Real Time (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.5.0.GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::realtime"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"product": {
"name": "kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"product_id": "kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@4.18.0-348.rt7.130.el8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"product": {
"name": "kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"product_id": "kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@4.18.0-348.rt7.130.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"product": {
"name": "kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"product_id": "kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-core@4.18.0-348.rt7.130.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"product": {
"name": "kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"product_id": "kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug@4.18.0-348.rt7.130.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"product": {
"name": "kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"product_id": "kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-core@4.18.0-348.rt7.130.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"product": {
"name": "kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"product_id": "kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-devel@4.18.0-348.rt7.130.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"product": {
"name": "kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"product_id": "kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-kvm@4.18.0-348.rt7.130.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"product": {
"name": "kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"product_id": "kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules@4.18.0-348.rt7.130.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"product": {
"name": "kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"product_id": "kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules-extra@4.18.0-348.rt7.130.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"product": {
"name": "kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"product_id": "kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-devel@4.18.0-348.rt7.130.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"product": {
"name": "kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"product_id": "kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-kvm@4.18.0-348.rt7.130.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"product": {
"name": "kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"product_id": "kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules@4.18.0-348.rt7.130.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"product": {
"name": "kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"product_id": "kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules-extra@4.18.0-348.rt7.130.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"product": {
"name": "kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"product_id": "kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@4.18.0-348.rt7.130.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"product": {
"name": "kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"product_id": "kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo@4.18.0-348.rt7.130.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"product": {
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"product_id": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@4.18.0-348.rt7.130.el8?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-348.rt7.130.el8.src as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src"
},
"product_reference": "kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"relates_to_product_reference": "NFV-8.5.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64"
},
"product_reference": "kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"relates_to_product_reference": "NFV-8.5.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64"
},
"product_reference": "kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"relates_to_product_reference": "NFV-8.5.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64"
},
"product_reference": "kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"relates_to_product_reference": "NFV-8.5.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64"
},
"product_reference": "kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"relates_to_product_reference": "NFV-8.5.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"relates_to_product_reference": "NFV-8.5.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"relates_to_product_reference": "NFV-8.5.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"relates_to_product_reference": "NFV-8.5.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64"
},
"product_reference": "kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"relates_to_product_reference": "NFV-8.5.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
},
"product_reference": "kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"relates_to_product_reference": "NFV-8.5.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"relates_to_product_reference": "NFV-8.5.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"relates_to_product_reference": "NFV-8.5.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64"
},
"product_reference": "kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"relates_to_product_reference": "NFV-8.5.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64"
},
"product_reference": "kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"relates_to_product_reference": "NFV-8.5.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64"
},
"product_reference": "kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"relates_to_product_reference": "NFV-8.5.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
},
"product_reference": "kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"relates_to_product_reference": "NFV-8.5.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-348.rt7.130.el8.src as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src"
},
"product_reference": "kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"relates_to_product_reference": "RT-8.5.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64"
},
"product_reference": "kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"relates_to_product_reference": "RT-8.5.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64"
},
"product_reference": "kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"relates_to_product_reference": "RT-8.5.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64"
},
"product_reference": "kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"relates_to_product_reference": "RT-8.5.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64"
},
"product_reference": "kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"relates_to_product_reference": "RT-8.5.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"relates_to_product_reference": "RT-8.5.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"relates_to_product_reference": "RT-8.5.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"relates_to_product_reference": "RT-8.5.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64"
},
"product_reference": "kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"relates_to_product_reference": "RT-8.5.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
},
"product_reference": "kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"relates_to_product_reference": "RT-8.5.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"relates_to_product_reference": "RT-8.5.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"relates_to_product_reference": "RT-8.5.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64"
},
"product_reference": "kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"relates_to_product_reference": "RT-8.5.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64"
},
"product_reference": "kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"relates_to_product_reference": "RT-8.5.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64"
},
"product_reference": "kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"relates_to_product_reference": "RT-8.5.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
},
"product_reference": "kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"relates_to_product_reference": "RT-8.5.0.GA"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-14615",
"cwe": {
"id": "CWE-212",
"name": "Improper Removal of Sensitive Information Before Storage or Transfer"
},
"discovery_date": "2020-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1789209"
}
],
"notes": [
{
"category": "description",
"text": "An information disclosure flaw was found in the Linux kernel. The i915 graphics driver lacks control of flow for data structures which may allow a local, authenticated user to disclose information when using ioctl commands with an attached i915 device. The highest threat from this vulnerability is to data confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Intel graphics card information leak.",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 6, 7, 8 and Red Hat Enterprise MRG 2. Future kernel updates for Red Hat Enterprise Linux 6, 7, and 8 may address this issue.\n\nThis has been rated as having Moderate security impact and is not currently planned to be addressed in future updates of Red Hat Enterprise MRG 2.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14615"
},
{
"category": "external",
"summary": "RHBZ#1789209",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1789209"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14615",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14615"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14615",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14615"
}
],
"release_date": "2020-01-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-11-09T17:26:23+00:00",
"details": "For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4140"
},
{
"category": "workaround",
"details": "Preventing loading of the i915 kernel module will prevent attackers from using this exploit against the system; however, the power management functionality of the card will be disabled and the system may draw additional power. See the kcs \u201cHow do I blacklist a kernel module to prevent it from loading automatically?\u201c (https://access.redhat.com/solutions/41278) for instructions on how to disable a kernel module from autoloading. Graphical displays may also be at low resolution or not work correctly.\n\nThis mitigation may not be suitable if the graphical login functionality is required.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Intel graphics card information leak."
},
{
"cve": "CVE-2020-0427",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-01-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1919893"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux pinctrl system. It is possible to trigger an of bounds read due to a use after free. This could lead to local information disclosure with no additional execution privileges needed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: out-of-bounds reads in pinctrl subsystem.",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-0427"
},
{
"category": "external",
"summary": "RHBZ#1919893",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1919893"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-0427",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0427"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-0427",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0427"
}
],
"release_date": "2020-11-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-11-09T17:26:23+00:00",
"details": "For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4140"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: out-of-bounds reads in pinctrl subsystem."
},
{
"cve": "CVE-2020-24502",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-02-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1930379"
}
],
"notes": [
{
"category": "description",
"text": "Improper input validation in some Intel(R) Ethernet E810 Adapter drivers for Linux may allow an authenticated user to potentially enable a denial of service via local access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-24502"
},
{
"category": "external",
"summary": "RHBZ#1930379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930379"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-24502",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24502"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-24502",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24502"
}
],
"release_date": "2021-02-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-11-09T17:26:23+00:00",
"details": "For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4140"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers"
},
{
"cve": "CVE-2020-24503",
"cwe": {
"id": "CWE-863",
"name": "Incorrect Authorization"
},
"discovery_date": "2021-02-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1930381"
}
],
"notes": [
{
"category": "description",
"text": "Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers for Linux may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-24503"
},
{
"category": "external",
"summary": "RHBZ#1930381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930381"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-24503",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24503"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-24503",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24503"
}
],
"release_date": "2021-02-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-11-09T17:26:23+00:00",
"details": "For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4140"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers"
},
{
"cve": "CVE-2020-24504",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-02-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1930376"
}
],
"notes": [
{
"category": "description",
"text": "An uncontrolled resource consumption in some Intel(R) Ethernet E810 Adapter drivers for Linux may allow an authenticated user to potentially cause a denial of service via local access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Uncontrolled resource consumption in some Intel(R) Ethernet E810 Adapter drivers",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-24504"
},
{
"category": "external",
"summary": "RHBZ#1930376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930376"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-24504",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24504"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-24504",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24504"
},
{
"category": "external",
"summary": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00462.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00462.html"
}
],
"release_date": "2021-02-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-11-09T17:26:23+00:00",
"details": "For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4140"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Uncontrolled resource consumption in some Intel(R) Ethernet E810 Adapter drivers"
},
{
"cve": "CVE-2020-24586",
"cwe": {
"id": "CWE-212",
"name": "Improper Removal of Sensitive Information Before Storage or Transfer"
},
"discovery_date": "2021-05-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1959642"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernels implementation of wifi fragmentation handling. An attacker with the ability to transmit within the wireless transmission range of an access point can abuse a flaw where previous contents of wifi fragments can be unintentionally transmitted to another device.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Fragmentation cache not cleared on reconnection",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-24586"
},
{
"category": "external",
"summary": "RHBZ#1959642",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1959642"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-24586",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24586"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-24586",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24586"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-wireless/20210511200110.3f8290e59823.I622a67769ed39257327a362cfc09c812320eb979@changeid/",
"url": "https://lore.kernel.org/linux-wireless/20210511200110.3f8290e59823.I622a67769ed39257327a362cfc09c812320eb979@changeid/"
}
],
"release_date": "2021-05-12T01:20:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-11-09T17:26:23+00:00",
"details": "For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4140"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options does not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Fragmentation cache not cleared on reconnection"
},
{
"cve": "CVE-2020-24587",
"cwe": {
"id": "CWE-345",
"name": "Insufficient Verification of Data Authenticity"
},
"discovery_date": "2021-05-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1959654"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s WiFi implementation. An attacker within the wireless range can abuse a logic flaw in the WiFi implementation by reassembling packets from multiple fragments under different keys, treating them as valid. This flaw allows an attacker to send a fragment under an incorrect key, treating them as a valid fragment under the new key. The highest threat from this vulnerability is to confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Reassembling fragments encrypted under different keys",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-24587"
},
{
"category": "external",
"summary": "RHBZ#1959654",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1959654"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-24587",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24587"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-24587",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24587"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-wireless/20210511200110.3f8290e59823.I622a67769ed39257327a362cfc09c812320eb979@changeid/",
"url": "https://lore.kernel.org/linux-wireless/20210511200110.3f8290e59823.I622a67769ed39257327a362cfc09c812320eb979@changeid/"
}
],
"release_date": "2021-05-11T14:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-11-09T17:26:23+00:00",
"details": "For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4140"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options does not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Reassembling fragments encrypted under different keys"
},
{
"cve": "CVE-2020-24588",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-05-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1959657"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernels wifi implementation. An attacker within wireless broadcast range can inject custom data into the wireless communication circumventing checks on the data. This can cause the frame to pass checks and be considered a valid frame of a different type.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: wifi frame payload being parsed incorrectly as an L2 frame",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-24588"
},
{
"category": "external",
"summary": "RHBZ#1959657",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1959657"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-24588",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24588"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-24588",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24588"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-wireless/20210511200110.25d93176ddaf.I9e265b597f2cd23eb44573f35b625947b386a9de@changeid/",
"url": "https://lore.kernel.org/linux-wireless/20210511200110.25d93176ddaf.I9e265b597f2cd23eb44573f35b625947b386a9de@changeid/"
}
],
"release_date": "2021-05-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-11-09T17:26:23+00:00",
"details": "For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4140"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options does not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: wifi frame payload being parsed incorrectly as an L2 frame"
},
{
"cve": "CVE-2020-26139",
"cwe": {
"id": "CWE-829",
"name": "Inclusion of Functionality from Untrusted Control Sphere"
},
"discovery_date": "2021-05-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1959663"
}
],
"notes": [
{
"category": "description",
"text": "Frames used for authentication and key management between the AP and connected clients. Some clients may take these redirected frames masquerading as control mechanisms from the AP.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Forwarding EAPOL from unauthenticated wifi client",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-26139"
},
{
"category": "external",
"summary": "RHBZ#1959663",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1959663"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-26139",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26139"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-26139",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-26139"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-wireless/20210511200110.cb327ed0cabe.Ib7dcffa2a31f0913d660de65ba3c8aca75b1d10f@changeid/",
"url": "https://lore.kernel.org/linux-wireless/20210511200110.cb327ed0cabe.Ib7dcffa2a31f0913d660de65ba3c8aca75b1d10f@changeid/"
}
],
"release_date": "2021-05-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-11-09T17:26:23+00:00",
"details": "For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4140"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options does not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Forwarding EAPOL from unauthenticated wifi client"
},
{
"cve": "CVE-2020-26140",
"cwe": {
"id": "CWE-346",
"name": "Origin Validation Error"
},
"discovery_date": "2021-05-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1960490"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Linux kernel. Where the WiFi implementations accept plaintext frames in a protected WiFi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: accepting plaintext data frames in protected networks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-26140"
},
{
"category": "external",
"summary": "RHBZ#1960490",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1960490"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-26140",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26140"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-26140",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-26140"
}
],
"release_date": "2021-05-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-11-09T17:26:23+00:00",
"details": "For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4140"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: accepting plaintext data frames in protected networks"
},
{
"cve": "CVE-2020-26141",
"cwe": {
"id": "CWE-354",
"name": "Improper Validation of Integrity Check Value"
},
"discovery_date": "2021-05-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1960492"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Linux kernel\u0027s WiFi implementation. An attacker within wireless range can inject a control packet fragment where the kernel does not verify the Message Integrity Check (authenticity) of fragmented TKIP frames.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: not verifying TKIP MIC of fragmented frames",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-26141"
},
{
"category": "external",
"summary": "RHBZ#1960492",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1960492"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-26141",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26141"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-26141",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-26141"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-wireless/20210511200110.c3f1d42c6746.I795593fcaae941c471425b8c7d5f7bb185d29142@changeid/",
"url": "https://lore.kernel.org/linux-wireless/20210511200110.c3f1d42c6746.I795593fcaae941c471425b8c7d5f7bb185d29142@changeid/"
}
],
"release_date": "2021-05-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-11-09T17:26:23+00:00",
"details": "For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4140"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options does not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: not verifying TKIP MIC of fragmented frames"
},
{
"cve": "CVE-2020-26143",
"cwe": {
"id": "CWE-346",
"name": "Origin Validation Error"
},
"discovery_date": "2021-05-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1960496"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Linux kernel, where the WiFi implementations assemble fragments even though some of them were sent in plaintext. This vulnerability can be abused to inject packets and/or exfiltrate selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: accepting fragmented plaintext frames in protected networks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-26143"
},
{
"category": "external",
"summary": "RHBZ#1960496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1960496"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-26143",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26143"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-26143",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-26143"
}
],
"release_date": "2021-05-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-11-09T17:26:23+00:00",
"details": "For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4140"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: accepting fragmented plaintext frames in protected networks"
},
{
"cve": "CVE-2020-26144",
"cwe": {
"id": "CWE-290",
"name": "Authentication Bypass by Spoofing"
},
"discovery_date": "2021-05-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1960498"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel, where the WiFi implementations accept plaintext A-MSDU frames as long as the first 8 bytes correspond to a valid RFC1042 (ex., LLC/SNAP) header for EAPOL. The highest threat from this vulnerability is to integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: accepting unencrypted A-MSDU frames that start with RFC1042 header",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-26144"
},
{
"category": "external",
"summary": "RHBZ#1960498",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1960498"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-26144",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26144"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-26144",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-26144"
}
],
"release_date": "2021-05-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-11-09T17:26:23+00:00",
"details": "For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4140"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options does not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: accepting unencrypted A-MSDU frames that start with RFC1042 header"
},
{
"cve": "CVE-2020-26145",
"cwe": {
"id": "CWE-307",
"name": "Improper Restriction of Excessive Authentication Attempts"
},
"discovery_date": "2021-05-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1960500"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in ath10k_htt_rx_proc_rx_frag_ind_hl in drivers/net/wireless/ath/ath10k/htt_rx.c in the Linux kernel WiFi implementations, where it accepts a second (or subsequent) broadcast fragments even when sent in plaintext and then process them as full unfragmented frames. The highest threat from this vulnerability is to integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: accepting plaintext broadcast fragments as full frames",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-26145"
},
{
"category": "external",
"summary": "RHBZ#1960500",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1960500"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-26145",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26145"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-26145",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-26145"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-wireless/20210511200110.9ca6ca7945a9.I1e18b514590af17c155bda86699bc3a971a8dcf4@changeid/",
"url": "https://lore.kernel.org/linux-wireless/20210511200110.9ca6ca7945a9.I1e18b514590af17c155bda86699bc3a971a8dcf4@changeid/"
}
],
"release_date": "2021-05-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-11-09T17:26:23+00:00",
"details": "For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4140"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options does not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: accepting plaintext broadcast fragments as full frames"
},
{
"cve": "CVE-2020-26146",
"cwe": {
"id": "CWE-307",
"name": "Improper Restriction of Excessive Authentication Attempts"
},
"discovery_date": "2021-05-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1960502"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Linux kernel, where the WiFi implementation reassemble fragments with non-consecutive packet numbers. An adversary can abuse this to exfiltrate selected fragments. This vulnerability is exploitable when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used. Note that WEP is vulnerable to this attack by design.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: reassembling encrypted fragments with non-consecutive packet numbers",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-26146"
},
{
"category": "external",
"summary": "RHBZ#1960502",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1960502"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-26146",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26146"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-26146",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-26146"
}
],
"release_date": "2021-05-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-11-09T17:26:23+00:00",
"details": "For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4140"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: reassembling encrypted fragments with non-consecutive packet numbers"
},
{
"cve": "CVE-2020-26147",
"cwe": {
"id": "CWE-307",
"name": "Improper Restriction of Excessive Authentication Attempts"
},
"discovery_date": "2021-05-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1960504"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in ieee80211_rx_h_defragment in net/mac80211/rx.c in the Linux Kernel\u0027s WiFi implementation. This vulnerability can be abused to inject packets or exfiltrate selected fragments when another device sends fragmented frames, and the WEP, CCMP, or GCMP data-confidentiality protocol is used. The highest threat from this vulnerability is to integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: reassembling mixed encrypted/plaintext fragments",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-26147"
},
{
"category": "external",
"summary": "RHBZ#1960504",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1960504"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-26147",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26147"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-26147",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-26147"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-wireless/20210511200110.30c4394bb835.I5acfdb552cc1d20c339c262315950b3eac491397@changeid/",
"url": "https://lore.kernel.org/linux-wireless/20210511200110.30c4394bb835.I5acfdb552cc1d20c339c262315950b3eac491397@changeid/"
}
],
"release_date": "2021-05-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-11-09T17:26:23+00:00",
"details": "For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4140"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options does not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: reassembling mixed encrypted/plaintext fragments"
},
{
"cve": "CVE-2020-29368",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2020-12-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1903244"
}
],
"notes": [
{
"category": "description",
"text": "An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the Linux kernel. The copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: the copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw has been rated as having Moderateimpact because, based on Red Hat\u0027s assessment, this issue is hard to exploit in practice because the race window is too small for it to be reliable.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-29368"
},
{
"category": "external",
"summary": "RHBZ#1903244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1903244"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-29368",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29368"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-29368",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-29368"
}
],
"release_date": "2020-06-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-11-09T17:26:23+00:00",
"details": "For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4140"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: the copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check"
},
{
"cve": "CVE-2020-29660",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2020-12-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1906522"
}
],
"notes": [
{
"category": "description",
"text": "A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel. A local user could use this flaw to read numerical value from memory after free.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: locking inconsistency in drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c can lead to a read-after-free",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is rated as having Low impact (Red Hat Enterprise Linux 7) because of the need to have CAP_SYS_TTY_CONFIG privileges.\n\nThis flaw is rated as having Moderate (Red Hat Enterprise Linux 8) impact because of the need to have CAP_SYS_TTY_CONFIG privileges. Red Hat Enterprise Linux 8 enabled unprivileged user/network namespaces by default which can be used to exercise this vulnerability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-29660"
},
{
"category": "external",
"summary": "RHBZ#1906522",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1906522"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-29660",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29660"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-29660",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-29660"
}
],
"release_date": "2020-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-11-09T17:26:23+00:00",
"details": "For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4140"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: locking inconsistency in drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c can lead to a read-after-free"
},
{
"cve": "CVE-2020-36158",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2021-01-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1913348"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel. The marvell wifi driver could allow a local attacker to execute arbitrary code via a long SSID value in mwifiex_cmd_802_11_ad_hoc_start function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: buffer overflow in mwifiex_cmd_802_11_ad_hoc_start function in drivers/net/wireless/marvell/mwifiex/join.c via a long SSID value",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is rated as having Moderate impact because the attacker needs to be local and privileged enough to be able to initiate ad-hoc WIFI network creation.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-36158"
},
{
"category": "external",
"summary": "RHBZ#1913348",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913348"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-36158",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36158"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-36158",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36158"
}
],
"release_date": "2020-12-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-11-09T17:26:23+00:00",
"details": "For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4140"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the module mwifiex from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: buffer overflow in mwifiex_cmd_802_11_ad_hoc_start function in drivers/net/wireless/marvell/mwifiex/join.c via a long SSID value"
},
{
"cve": "CVE-2020-36312",
"cwe": {
"id": "CWE-772",
"name": "Missing Release of Resource after Effective Lifetime"
},
"discovery_date": "2021-04-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1947991"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the KVM hypervisor of the Linux kernel. A memory leak could occur in kvm_io_bus_unregister_dev() upon a kmalloc failure. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: memory leak upon a kmalloc failure in kvm_io_bus_unregister_dev function in virt/kvm/kvm_main.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-36312"
},
{
"category": "external",
"summary": "RHBZ#1947991",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1947991"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-36312",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36312"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-36312",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36312"
}
],
"release_date": "2020-09-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-11-09T17:26:23+00:00",
"details": "For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4140"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: memory leak upon a kmalloc failure in kvm_io_bus_unregister_dev function in virt/kvm/kvm_main.c"
},
{
"cve": "CVE-2020-36386",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2021-06-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1969489"
}
],
"notes": [
{
"category": "description",
"text": "A flaw out of bounds memory access in the Linux kernel bluetooth subsystem was found in the way when some data being read about the bluetooth device with the hci_extended_inquiry_result_evt call. A local user could use this flaw to crash the system or read some data out of memory bounds that can lead to data confidentiality threat.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: slab out-of-bounds read in hci_extended_inquiry_result_evt() in net/bluetooth/hci_event.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is rated as having a Moderate impact because even the data being read out of memory bounds is written to some cache, it was known before that this data from non-safe source and as result no any sensitive dependencies on this data.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-36386"
},
{
"category": "external",
"summary": "RHBZ#1969489",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1969489"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-36386",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36386"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-36386",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36386"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=51c19bf3d5cfaa66571e4b88ba2a6f6295311101",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=51c19bf3d5cfaa66571e4b88ba2a6f6295311101"
}
],
"release_date": "2020-07-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-11-09T17:26:23+00:00",
"details": "For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4140"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the module bluetooth from being loaded (if Bluetooth not required for the system). Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: slab out-of-bounds read in hci_extended_inquiry_result_evt() in net/bluetooth/hci_event.c"
},
{
"cve": "CVE-2021-0129",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2021-05-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1965038"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel. Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Improper access control in BlueZ may allow information disclosure vulnerability.",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-0129"
},
{
"category": "external",
"summary": "RHBZ#1965038",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1965038"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-0129",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0129"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-0129",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-0129"
}
],
"release_date": "2021-06-08T03:30:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-11-09T17:26:23+00:00",
"details": "For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4140"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Improper access control in BlueZ may allow information disclosure vulnerability."
},
{
"cve": "CVE-2021-3348",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2021-01-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1921958"
}
],
"notes": [
{
"category": "description",
"text": "A use after free flaw in the Linux kernel network block device (NBD) subsystem was found in the way user calls an ioctl NBD_SET_SOCK at a certain point during device setup.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Use-after-free in ndb_queue_rq() in drivers/block/nbd.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is rated as having a Moderate impact because in the default configuration, the issue can only be triggered by a privileged local user (with access to the nbd device).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3348"
},
{
"category": "external",
"summary": "RHBZ#1921958",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1921958"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3348",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3348"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3348",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3348"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-block/24dff677353e2e30a71d8b66c4dffdbdf77c4dbd.1611595239.git.josef@toxicpanda.com/",
"url": "https://lore.kernel.org/linux-block/24dff677353e2e30a71d8b66c4dffdbdf77c4dbd.1611595239.git.josef@toxicpanda.com/"
}
],
"release_date": "2021-01-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-11-09T17:26:23+00:00",
"details": "For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4140"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the module nbd from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Use-after-free in ndb_queue_rq() in drivers/block/nbd.c"
},
{
"acknowledgments": [
{
"names": [
"Ryota Shiga"
]
}
],
"cve": "CVE-2021-3489",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2021-05-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1959559"
}
],
"notes": [
{
"category": "description",
"text": "A flaw out of bound memory write in the Linux kernel BPF subsystem was found in the way user writes to BPF ring buffer too fast, so larger buffer than available memory could be allocated. A local user could use this flaw to crash the system or possibly escalate their privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Linux kernel eBPF RINGBUF map oversized allocation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3489"
},
{
"category": "external",
"summary": "RHBZ#1959559",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1959559"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3489",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3489"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3489",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3489"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/commit/?id=4b81ccebaeee885ab1aa1438133f2991e3a2b6ea",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/commit/?id=4b81ccebaeee885ab1aa1438133f2991e3a2b6ea"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/05/11/10",
"url": "https://www.openwall.com/lists/oss-security/2021/05/11/10"
}
],
"release_date": "2021-05-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-11-09T17:26:23+00:00",
"details": "For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4140"
},
{
"category": "workaround",
"details": "The default Red Hat Enterprise Linux kernel prevents unprivileged users from being able to use eBPF by the kernel.unprivileged_bpf_disabled sysctl. This would require a privileged user with CAP_SYS_ADMIN or root to be able to abuse this flaw reducing its attack space.\n\nFor the Red Hat Enterprise Linux 7 the eBPF for unprivileged users is always disabled.\nFor the Red Hat Enterprise Linux 8 to confirm the current state, inspect the sysctl with the command:\n\n# cat /proc/sys/kernel/unprivileged_bpf_disabled\n\nThe setting of 1 would mean that unprivileged users can not use eBPF, mitigating the flaw.\n\nA kernel update will be required to mitigate the flaw for the root or users with CAP_SYS_ADMIN capabilities.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Linux kernel eBPF RINGBUF map oversized allocation"
},
{
"acknowledgments": [
{
"names": [
"HaoXiong, LinMa"
],
"organization": "ckSec"
}
],
"cve": "CVE-2021-3564",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"discovery_date": "2021-05-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1964139"
}
],
"notes": [
{
"category": "description",
"text": "A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. A local user could use this flaw to crash the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: double free in bluetooth subsystem when the HCI device initialization fails",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The impact is Moderate, because the double free happens during flush procedure, and no use of incorrect data during flush finishing even if double free could happen without kernel crash.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3564"
},
{
"category": "external",
"summary": "RHBZ#1964139",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964139"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3564",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3564"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3564",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3564"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/05/25/1",
"url": "https://www.openwall.com/lists/oss-security/2021/05/25/1"
}
],
"release_date": "2021-05-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-11-09T17:26:23+00:00",
"details": "For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4140"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: double free in bluetooth subsystem when the HCI device initialization fails"
},
{
"cve": "CVE-2021-3573",
"cwe": {
"id": "CWE-788",
"name": "Access of Memory Location After End of Buffer"
},
"discovery_date": "2021-05-31T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1966578"
}
],
"notes": [
{
"category": "description",
"text": "A flaw use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR or other way triggers race condition of the call hci_unregister_dev() together with one of the calls hci_sock_blacklist_add(), hci_sock_blacklist_del(), hci_get_conn_info(), hci_get_auth_info(). A privileged local user could use this flaw to crash the system or escalate their privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: use-after-free in function hci_sock_bound_ioctl()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is rated as having a Moderate impact because of the privileges (CAP_NET_ADMIN in initial namespace) required for exploiting the issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3573"
},
{
"category": "external",
"summary": "RHBZ#1966578",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966578"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3573",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3573"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3573",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3573"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth.git/commit/?id=e305509e678b3a4af2b3cfd410f409f7cdaabb52",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth.git/commit/?id=e305509e678b3a4af2b3cfd410f409f7cdaabb52"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/06/08/2",
"url": "https://www.openwall.com/lists/oss-security/2021/06/08/2"
}
],
"release_date": "2021-06-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-11-09T17:26:23+00:00",
"details": "For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4140"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising easThe required privileges is CAP_NET_ADMIN capabilities. This would require a privileged user with CAP_SYS_ADMIN or root to be able to abuse this flaw reducing its attack space.e of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: use-after-free in function hci_sock_bound_ioctl()"
},
{
"cve": "CVE-2021-3600",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2021-06-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1981954"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u2019s eBPF verification code, where the eBPF 32-bit div/mod source register truncation could lead to out-of-bounds reads and writes. By default, accessing the eBPF verifier is only possible to privileged users with CAP_SYS_ADMIN. This flaw allows a local user who can run eBPF instructions to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: eBPF 32-bit source register truncation on div/mod",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3600"
},
{
"category": "external",
"summary": "RHBZ#1981954",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981954"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3600",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3600"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3600",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3600"
},
{
"category": "external",
"summary": "https://lore.kernel.org/patchwork/patch/1379497/",
"url": "https://lore.kernel.org/patchwork/patch/1379497/"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/06/23/1",
"url": "https://www.openwall.com/lists/oss-security/2021/06/23/1"
}
],
"release_date": "2021-06-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-11-09T17:26:23+00:00",
"details": "For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4140"
},
{
"category": "workaround",
"details": "The default Red Hat Enterprise Linux kernel prevents unprivileged users from being able to use eBPF by the kernel.unprivileged_bpf_disabled sysctl. This would require a privileged user with CAP_SYS_ADMIN or root to be able to abuse this flaw reducing its attack space.\n\nFor the Red Hat Enterprise Linux 7 the eBPF for unprivileged users is always disabled.\nFor the Red Hat Enterprise Linux 8 to confirm the current state, inspect the sysctl with the command:\n\n# cat /proc/sys/kernel/unprivileged_bpf_disabled\n\nThe setting of 1 would mean that unprivileged users can not use eBPF, mitigating the flaw.\n\nA kernel update will be required to mitigate the flaw for the root or users with CAP_SYS_ADMIN capabilities.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: eBPF 32-bit source register truncation on div/mod"
},
{
"cve": "CVE-2021-3635",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2021-06-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1976946"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel netfilter implementation. A user with root (CAP_SYS_ADMIN) access is able to panic the system when issuing netfilter netflow commands",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: flowtable list del corruption with kernel BUG at lib/list_debug.c:50",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3635"
},
{
"category": "external",
"summary": "RHBZ#1976946",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1976946"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3635",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3635"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3635",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3635"
}
],
"release_date": "2021-08-06T04:47:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-11-09T17:26:23+00:00",
"details": "For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4140"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options does not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: flowtable list del corruption with kernel BUG at lib/list_debug.c:50"
},
{
"cve": "CVE-2021-3659",
"cwe": {
"id": "CWE-252",
"name": "Unchecked Return Value"
},
"discovery_date": "2021-05-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1975949"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference flaw was found in the Linux kernel\u2019s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection. This flaw allows a local user to crash the system. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: NULL pointer dereference in llsec_key_alloc() in net/mac802154/llsec.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3659"
},
{
"category": "external",
"summary": "RHBZ#1975949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1975949"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3659",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3659"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3659",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3659"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1165affd484889d4986cf3b724318935a0b120d8",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1165affd484889d4986cf3b724318935a0b120d8"
}
],
"release_date": "2021-04-06T19:22:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-11-09T17:26:23+00:00",
"details": "For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4140"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the module mac802154 from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: NULL pointer dereference in llsec_key_alloc() in net/mac802154/llsec.c"
},
{
"acknowledgments": [
{
"names": [
"Haoran Luo"
],
"organization": "Chaitin Tech"
}
],
"cve": "CVE-2021-3679",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-07-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1989165"
}
],
"notes": [
{
"category": "description",
"text": "A lack of CPU resources in the Linux kernel tracing module functionality was found in the way users use the trace ring buffer in specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: DoS in rb_per_cpu_empty()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3679"
},
{
"category": "external",
"summary": "RHBZ#1989165",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1989165"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3679",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3679"
},
{
"category": "external",
"summary": "https://lore.kernel.org/lkml/20210723125527.767d1c18@oasis.local.home/",
"url": "https://lore.kernel.org/lkml/20210723125527.767d1c18@oasis.local.home/"
}
],
"release_date": "2021-07-20T09:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-11-09T17:26:23+00:00",
"details": "For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4140"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: DoS in rb_per_cpu_empty()"
},
{
"acknowledgments": [
{
"names": [
"Miklos Szeredi"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2021-3732",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-08-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1995249"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u2019s OverlayFS subsystem in the way the user mounts the TmpFS filesystem with OverlayFS. This flaw allows a local user to gain access to hidden files that should not be accessible.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: overlayfs: Mounting overlayfs inside an unprivileged user namespace can reveal files",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3732"
},
{
"category": "external",
"summary": "RHBZ#1995249",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995249"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3732",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3732"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3732",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3732"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=427215d85e8d",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=427215d85e8d"
}
],
"release_date": "2021-08-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-11-09T17:26:23+00:00",
"details": "For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4140"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: overlayfs: Mounting overlayfs inside an unprivileged user namespace can reveal files"
},
{
"acknowledgments": [
{
"names": [
"Loris Reiff"
]
}
],
"cve": "CVE-2021-20194",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-12-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1912683"
}
],
"notes": [
{
"category": "description",
"text": "A flaw buffer overflow in the Linux kernel BPF subsystem was found in the way user running BPF script calling getsockopt. A local user could use this flaw to crash the system or possibly escalate their privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: heap overflow in __cgroup_bpf_run_filter_getsockopt()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is rated as having Moderate impact because of the need to have elevated privileges or non-standard configuration for running BPF script.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-20194"
},
{
"category": "external",
"summary": "RHBZ#1912683",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1912683"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-20194",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20194"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-20194",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20194"
}
],
"release_date": "2021-01-22T10:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-11-09T17:26:23+00:00",
"details": "For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4140"
},
{
"category": "workaround",
"details": "The default Red Hat Enterprise Linux kernel prevents unprivileged users from being able to use eBPF by the kernel.unprivileged_bpf_disabled sysctl. This would require a privileged user with CAP_SYS_ADMIN or root to be able to abuse this flaw reducing its attack space.\n\nFor the Red Hat Enterprise Linux 7 the eBPF for unprivileged users is always disabled.\n\nFor the Red Hat Enterprise Linux 8 to confirm the current state, inspect the sysctl with the command:\n\n# cat /proc/sys/kernel/unprivileged_bpf_disabled\n\nThe setting of 1 would mean that unprivileged users can not use eBPF.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: heap overflow in __cgroup_bpf_run_filter_getsockopt()"
},
{
"cve": "CVE-2021-20239",
"cwe": {
"id": "CWE-822",
"name": "Untrusted Pointer Dereference"
},
"discovery_date": "2021-02-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1923636"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the BPF protocol. This flaw allows an attacker with a local account to leak information about kernel internal addresses. The highest threat from this vulnerability is to confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: setsockopt System Call Untrusted Pointer Dereference Information Disclosure",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-20239"
},
{
"category": "external",
"summary": "RHBZ#1923636",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1923636"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-20239",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20239"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-20239",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20239"
}
],
"release_date": "2021-02-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-11-09T17:26:23+00:00",
"details": "For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4140"
},
{
"category": "workaround",
"details": "Loading a filter is a privileged (CAP_SYS_ADMIN or root) operation. Once any filter is used, this attack is capable of being used by an unprivileged user. There is no known mitigation that product security finds suitable for this flaw.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: setsockopt System Call Untrusted Pointer Dereference Information Disclosure"
},
{
"acknowledgments": [
{
"names": [
"Or Cohen"
],
"organization": "Palo Alto Networks"
}
],
"cve": "CVE-2021-23133",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2021-04-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1948772"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the Linux kernel\u0027s SCTP socket functionality that triggers a race condition. This flaw allows a local user to escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Race condition in sctp_destroy_sock list_del",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is rated as having a Moderate impact because of the privileges required for running the known reproducer. The required privileges are CAP_BPF and CAP_NET_ADMIN capabilities that are disabled by default in Red Hat Enterprise Linux 7. For Red Hat Enterprise Linux 8, the SCTP protocol itself is disabled by default and cannot be used by a user without enablement by an administrator.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-23133"
},
{
"category": "external",
"summary": "RHBZ#1948772",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1948772"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-23133",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23133"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-23133",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23133"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b166a20b07382b8bc1dcee2a448715c9c2c81b5b",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b166a20b07382b8bc1dcee2a448715c9c2c81b5b"
}
],
"release_date": "2021-04-18T09:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-11-09T17:26:23+00:00",
"details": "For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4140"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the module sctp from being loaded (and this is so by default for Red Hat Enterprise Linux 8). Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Race condition in sctp_destroy_sock list_del"
},
{
"cve": "CVE-2021-28950",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2021-03-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1941762"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service in the kernel side of the FUSE functionality can allow a local system to create a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: fuse: stall on CPU can occur because a retry loop continually finds the same bad inode",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-28950"
},
{
"category": "external",
"summary": "RHBZ#1941762",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1941762"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-28950",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28950"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-28950",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28950"
}
],
"release_date": "2021-03-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-11-09T17:26:23+00:00",
"details": "For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4140"
},
{
"category": "workaround",
"details": "As the FUSE module will be auto-loaded when required, its use can be disabled by preventing the module from loading with the following instructions:\n\n# echo \"install fuse /bin/true\" \u003e\u003e /etc/modprobe.d/disable-fuse.conf\n\nThe system will need to be restarted if the FUSE modules are loaded. In most circumstances, the CIFS kernel modules will be unable to be unloaded while the FUSE filesystems are in use.\n\nIf the system requires this module to work correctly, this mitigation may not be suitable.\n\nIf you need further assistance, see KCS article https://access.redhat.com/solutions/41278 or contact Red Hat Global Support Services.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: fuse: stall on CPU can occur because a retry loop continually finds the same bad inode"
},
{
"cve": "CVE-2021-28971",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2021-03-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1941784"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel. On some Haswell CPUs, userspace applications (such as perf-fuzzer) can cause a system crash because the PEBS status in a PEBS record is mishandled.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: System crash in intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-28971"
},
{
"category": "external",
"summary": "RHBZ#1941784",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1941784"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-28971",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28971"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-28971",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28971"
}
],
"release_date": "2021-03-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-11-09T17:26:23+00:00",
"details": "For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4140"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options does not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: System crash in intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c"
},
{
"cve": "CVE-2021-29155",
"cwe": {
"id": "CWE-205",
"name": "Observable Behavioral Discrepancy"
},
"discovery_date": "2021-04-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1951595"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in retrieve_ptr_limit in kernel/bpf/verifier.c in the Linux kernel mechanism to mitigate speculatively out-of-bounds loads (Spectre mitigation). In this flaw a local, special user privileged (CAP_SYS_ADMIN) BPF program running on affected systems may bypass the protection, and execute speculatively out-of-bounds loads from the kernel memory. This can be abused to extract contents of kernel memory via side-channel.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: protection for sequences of pointer arithmetic operations against speculatively out-of-bounds loads can be bypassed to leak content of kernel memory",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-29155"
},
{
"category": "external",
"summary": "RHBZ#1951595",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951595"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-29155",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29155"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-29155",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29155"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/04/18/4",
"url": "https://www.openwall.com/lists/oss-security/2021/04/18/4"
}
],
"release_date": "2021-04-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-11-09T17:26:23+00:00",
"details": "For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4140"
},
{
"category": "workaround",
"details": "The default Red Hat Enterprise Linux kernel prevents unprivileged users from being able to use eBPF by the kernel.unprivileged_bpf_disabled sysctl. This would require a privileged user with CAP_SYS_ADMIN or root to be able to abuse this flaw reducing its attack space.\n\nFor the Red Hat Enterprise Linux 7 the eBPF for unprivileged users is always disabled.\nFor the Red Hat Enterprise Linux 8 to confirm the current state, inspect the sysctl with the command:\n\n# cat /proc/sys/kernel/unprivileged_bpf_disabled\n\nThe setting of 1 would mean that unprivileged users can not use eBPF, mitigating the flaw.\n\nA kernel update will be required to mitigate the flaw for the root or users with CAP_SYS_ADMIN capabilities.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: protection for sequences of pointer arithmetic operations against speculatively out-of-bounds loads can be bypassed to leak content of kernel memory"
},
{
"cve": "CVE-2021-29646",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-03-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1945345"
}
],
"notes": [
{
"category": "description",
"text": "A flaw buffer overflow in the Linux kernel TIPC protocol functionality was found in the way user uses protocol with encryption enabled. A local user could use this flaw to crash the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: improper input validation in tipc_nl_retrieve_key function in net/tipc/node.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-29646"
},
{
"category": "external",
"summary": "RHBZ#1945345",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1945345"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-29646",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29646"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-29646",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29646"
}
],
"release_date": "2021-03-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-11-09T17:26:23+00:00",
"details": "For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4140"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: improper input validation in tipc_nl_retrieve_key function in net/tipc/node.c"
},
{
"cve": "CVE-2021-29650",
"cwe": {
"id": "CWE-366",
"name": "Race Condition within a Thread"
},
"discovery_date": "2021-03-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1945388"
}
],
"notes": [
{
"category": "description",
"text": "A denial-of-service (DoS) flaw was identified in the Linux kernel due to an incorrect memory barrier in xt_replace_table in net/netfilter/x_tables.c in the netfilter subsystem.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: lack a full memory barrier upon the assignment of a new table value in net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h may lead to DoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-29650"
},
{
"category": "external",
"summary": "RHBZ#1945388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1945388"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-29650",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29650"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-29650",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29650"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=175e476b8cdf2a4de7432583b49c871345e4f8a1",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=175e476b8cdf2a4de7432583b49c871345e4f8a1"
}
],
"release_date": "2021-03-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-11-09T17:26:23+00:00",
"details": "For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4140"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: lack a full memory barrier upon the assignment of a new table value in net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h may lead to DoS"
},
{
"acknowledgments": [
{
"names": [
"Manfred Paul"
],
"organization": "RedRocket CTF team"
}
],
"cve": "CVE-2021-31440",
"cwe": {
"id": "CWE-682",
"name": "Incorrect Calculation"
},
"discovery_date": "2021-05-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1964028"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds access flaw was found in the Linux kernel\u2019s implementation of the eBPF code verifier, where an incorrect register bounds calculation while checking unsigned 32-bit instructions in an eBPF program occurs.. By default accessing the eBPF verifier is only accessible to privileged users with CAP_SYS_ADMIN. The issue results from the lack of proper validation of user-supplied eBPF programs prior to executing them. A local user could use this flaw to crash the system or possibly escalate their privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: local escalation of privileges in handling of eBPF programs",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-31440"
},
{
"category": "external",
"summary": "RHBZ#1964028",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964028"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-31440",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31440"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-31440",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-31440"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=10bf4e83167cc68595b85fd73bb91e8f2c086e36",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=10bf4e83167cc68595b85fd73bb91e8f2c086e36"
},
{
"category": "external",
"summary": "https://www.zerodayinitiative.com/blog/2021/5/26/cve-2021-31440-an-incorrect-bounds-calculation-in-the-linux-kernel-ebpf-verifier",
"url": "https://www.zerodayinitiative.com/blog/2021/5/26/cve-2021-31440-an-incorrect-bounds-calculation-in-the-linux-kernel-ebpf-verifier"
}
],
"release_date": "2021-05-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-11-09T17:26:23+00:00",
"details": "For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4140"
},
{
"category": "workaround",
"details": "The default Red Hat Enterprise Linux kernel prevents unprivileged users from being able to use eBPF by the kernel.unprivileged_bpf_disabled sysctl. This would require a privileged user with CAP_SYS_ADMIN or root to be able to abuse this flaw reducing its attack space.\n\nFor the Red Hat Enterprise Linux 7 the eBPF for unprivileged users is always disabled.\nFor the Red Hat Enterprise Linux 8 to confirm the current state, inspect the sysctl with the command:\n\n# cat /proc/sys/kernel/unprivileged_bpf_disabled\n\nThe setting of 1 would mean that unprivileged users can not use eBPF, mitigating the flaw.\n\nA kernel update will be required to mitigate the flaw for the root or users with CAP_SYS_ADMIN capabilities.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: local escalation of privileges in handling of eBPF programs"
},
{
"cve": "CVE-2021-31829",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-05-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1957788"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s eBPF verification code. By default, accessing the eBPF verifier is only accessible to privileged users with CAP_SYS_ADMIN. This flaw allows a local user who can insert eBPF instructions, to use the eBPF verifier to abuse a spectre-like flaw and infer all system memory. The highest threat from this vulnerability is to confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: protection of stack pointer against speculative pointer arithmetic can be bypassed to leak content of kernel memory",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-31829"
},
{
"category": "external",
"summary": "RHBZ#1957788",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1957788"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-31829",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31829"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-31829",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-31829"
}
],
"release_date": "2021-04-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-11-09T17:26:23+00:00",
"details": "For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4140"
},
{
"category": "workaround",
"details": "The default Red Hat Enterprise Linux kernel prevents unprivileged users from being able to use eBPF by the kernel.unprivileged_bpf_disabled sysctl. This would require a privileged user with CAP_SYS_ADMIN or root to be able to abuse this flaw reducing its attack space.\n\nFor the Red Hat Enterprise Linux 7 and 8 kernel to confirm the current state, inspect the sysctl with the command:\n\n# cat /proc/sys/kernel/unprivileged_bpf_disabled\n\nThe setting of 1 would mean that unprivileged users can not use eBPF, mitigating the flaw.\n\nA kernel update will be required to mitigate the flaw for the root or users with CAP_SYS_ADMIN capabilities.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: protection of stack pointer against speculative pointer arithmetic can be bypassed to leak content of kernel memory"
},
{
"cve": "CVE-2021-31916",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2021-03-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1946965"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds (OOB) memory write flaw was found in list_devices in drivers/md/dm-ioctl.c in the Multi-device driver module in the Linux kernel. A bound check failure allows an attacker with special user (CAP_SYS_ADMIN) privilege to gain access to out-of-bounds memory leading to a system crash, a leak of internal kernel information, or a privilege escalation problem.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: out of bounds array access in drivers/md/dm-ioctl.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is rated a Low impact because in the default configuration, the issue can only be triggered by a privileged local user.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-31916"
},
{
"category": "external",
"summary": "RHBZ#1946965",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1946965"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-31916",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31916"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-31916",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-31916"
},
{
"category": "external",
"summary": "https://github.com/torvalds/linux/commit/4edbe1d7bcffcd6269f3b5eb63f710393ff2ec7a",
"url": "https://github.com/torvalds/linux/commit/4edbe1d7bcffcd6269f3b5eb63f710393ff2ec7a"
},
{
"category": "external",
"summary": "https://seclists.org/oss-sec/2021/q1/268",
"url": "https://seclists.org/oss-sec/2021/q1/268"
}
],
"release_date": "2021-03-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-11-09T17:26:23+00:00",
"details": "For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4140"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: out of bounds array access in drivers/md/dm-ioctl.c"
},
{
"cve": "CVE-2021-33033",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2021-05-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1961300"
}
],
"notes": [
{
"category": "description",
"text": "A flaw use-after-free in the Linux kernel CIPSO network packet labeling protocol functionality was found in the way user open local network connection with the usage of the security labeling that is IP option number 134. A local user could use this flaw to crash the system or possibly escalate their privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Considered to be Moderate rate, because by default CIPSO non-enabled and both no known way to reproduce the attack remotely and both it looks complex if even possible to use the attack in any way apart from crashing the system. For the usage of the inbound CIPSO connections, the administrator have to enable it with netlabelctl utility first. The vulnerability is considered to be for local user, because it can happen only when a local user opens a socket for sending packets, but not during receiving packets.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-33033"
},
{
"category": "external",
"summary": "RHBZ#1961300",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1961300"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-33033",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33033"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33033",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33033"
}
],
"release_date": "2021-03-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-11-09T17:26:23+00:00",
"details": "For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4140"
},
{
"category": "workaround",
"details": "The mitigation would be not allowing CIPSO labeling for the inbound network connections. For the most of the default configurations both for network routers and for the Linux servers itself it is disabled by default.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c"
},
{
"cve": "CVE-2021-33200",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2021-05-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1965458"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in kernel/bpf/verifier.c in BPF in the Linux kernel. An incorrect limit is enforced for pointer arithmetic operations which can be abused to perform out-of-bounds reads and writes in kernel memory, leading to local privilege escalation. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: out-of-bounds reads and writes due to enforcing incorrect limits for pointer arithmetic operations by BPF verifier",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-33200"
},
{
"category": "external",
"summary": "RHBZ#1965458",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1965458"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-33200",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33200"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33200",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33200"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/patch/?id=3d0220f6861d713213b015b582e9f21e5b28d2e0",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/patch/?id=3d0220f6861d713213b015b582e9f21e5b28d2e0"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/patch/?id=a7036191277f9fa68d92f2071ddc38c09b1e5ee5",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/patch/?id=a7036191277f9fa68d92f2071ddc38c09b1e5ee5"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/patch/?id=bb01a1bba579b4b1c5566af24d95f1767859771e",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/patch/?id=bb01a1bba579b4b1c5566af24d95f1767859771e"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/05/27/1",
"url": "https://www.openwall.com/lists/oss-security/2021/05/27/1"
}
],
"release_date": "2021-05-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-11-09T17:26:23+00:00",
"details": "For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4140"
},
{
"category": "workaround",
"details": "The default Red Hat Enterprise Linux kernel prevents unprivileged users from being able to use eBPF by the kernel.unprivileged_bpf_disabled sysctl. This would require a privileged user with CAP_SYS_ADMIN or root to be able to abuse this flaw reducing its attack space.\n\nFor the Red Hat Enterprise Linux 7 the eBPF for unprivileged users is always disabled.\nFor the Red Hat Enterprise Linux 8 to confirm the current state, inspect the sysctl with the command:\n\n# cat /proc/sys/kernel/unprivileged_bpf_disabled\n\nThe setting of 1 would mean that unprivileged users can not use eBPF, mitigating the flaw.\n\nA kernel update will be required to mitigate the flaw for the root or users with CAP_SYS_ADMIN capabilities.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: out-of-bounds reads and writes due to enforcing incorrect limits for pointer arithmetic operations by BPF verifier"
},
{
"cve": "CVE-2021-46905",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2024-02-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2266253"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Linux kernel. This flaw occurs due to an unconditional NULL-pointer dereference on every disconnect in the Linux kernel.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: NULL-deref on disconnect regression",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-46905"
},
{
"category": "external",
"summary": "RHBZ#2266253",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266253"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-46905",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46905"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-46905",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46905"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024022557-CVE-2021-46905-6507@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024022557-CVE-2021-46905-6507@gregkh/T"
}
],
"release_date": "2024-02-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-11-09T17:26:23+00:00",
"details": "For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4140"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: NULL-deref on disconnect regression"
},
{
"cve": "CVE-2022-20166",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-08-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2122089"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u2019s sysfs layer. This flaw allows a local user who can read files under the /sysfs mount point to corrupt memory or possibly crash the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: possible buffer overflow in sysfs reading",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-20166"
},
{
"category": "external",
"summary": "RHBZ#2122089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2122089"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-20166",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20166"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-20166",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-20166"
}
],
"release_date": "2022-08-15T14:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-11-09T17:26:23+00:00",
"details": "For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4140"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options does not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"NFV-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"NFV-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.src",
"RT-8.5.0.GA:kernel-rt-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-core-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-devel-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-kvm-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-0:4.18.0-348.rt7.130.el8.x86_64",
"RT-8.5.0.GA:kernel-rt-modules-extra-0:4.18.0-348.rt7.130.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: possible buffer overflow in sysfs reading"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…