Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2021-41617 (GCVE-0-2021-41617)
Vulnerability from cvelistv5 – Published: 2021-09-26 00:00 – Updated: 2024-08-04 03:15
VLAI?
EPSS
Summary
sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:15:29.208Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.openssh.com/security.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2021/09/26/1"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openssh.com/txt/release-8.8"
},
{
"name": "FEDORA-2021-1f7339271d",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XJIONMHMKZDTMH6BQR5TNLF2WDCGWED/"
},
{
"name": "FEDORA-2021-f8df0f8563",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W44V2PFQH5YLRN6ZJTVRKAD7CU6CYYET/"
},
{
"name": "FEDORA-2021-fa0e94198f",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KVI7RWM2JLNMWTOFK6BDUSGNOIPZYPUT/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1190975"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20211014-0004/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.starwindsoftware.com/security/sw-20220805-0001/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.tenable.com/plugins/nessus/154174"
},
{
"name": "DSA-5586",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5586"
},
{
"name": "[debian-lts-announce] 20231226 [SECURITY] [DLA 3694-1] openssh security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-26T04:06:21.619780",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.openssh.com/security.html"
},
{
"url": "https://www.openwall.com/lists/oss-security/2021/09/26/1"
},
{
"url": "https://www.openssh.com/txt/release-8.8"
},
{
"name": "FEDORA-2021-1f7339271d",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XJIONMHMKZDTMH6BQR5TNLF2WDCGWED/"
},
{
"name": "FEDORA-2021-f8df0f8563",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W44V2PFQH5YLRN6ZJTVRKAD7CU6CYYET/"
},
{
"name": "FEDORA-2021-fa0e94198f",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KVI7RWM2JLNMWTOFK6BDUSGNOIPZYPUT/"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1190975"
},
{
"url": "https://security.netapp.com/advisory/ntap-20211014-0004/"
},
{
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"url": "https://www.starwindsoftware.com/security/sw-20220805-0001/"
},
{
"url": "https://www.tenable.com/plugins/nessus/154174"
},
{
"name": "DSA-5586",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5586"
},
{
"name": "[debian-lts-announce] 20231226 [SECURITY] [DLA 3694-1] openssh security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-41617",
"datePublished": "2021-09-26T00:00:00",
"dateReserved": "2021-09-26T00:00:00",
"dateUpdated": "2024-08-04T03:15:29.208Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2021-41617\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2021-09-26T19:15:07.263\",\"lastModified\":\"2024-11-21T06:26:32.077\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.\"},{\"lang\":\"es\",\"value\":\"sshd en OpenSSH versiones 6.2 hasta 8.x anteriores a 8.8, cuando son usadas determinadas configuraciones no predeterminadas, permite una escalada de privilegios porque los grupos complementarios no son inicializados como se espera. Los programas de ayuda para AuthorizedKeysCommand y AuthorizedPrincipalsCommand pueden ejecutarse con privilegios asociados a la pertenencia a grupos del proceso sshd, si la configuraci\u00f3n especifica la ejecuci\u00f3n del comando como un usuario diferente\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.0,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.0,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":4.4,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.4,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.2\",\"versionEndExcluding\":\"8.8\",\"matchCriteriaId\":\"8F20A48B-F6C5-4296-82AE-DA00D6A20BCE\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E460AA51-FCDA-46B9-AE97-E6676AA5E194\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A930E247-0B43-43CB-98FF-6CE7B8189835\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80E516C0-98A4-4ADE-B69F-66A772E2BAAA\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*\",\"matchCriteriaId\":\"3A756737-1CC4-42C2-A4DF-E1C893B4E2D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1FE996B1-6951-4F85-AA58-B99A379D2163\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A3C19813-E823-456A-B1CE-EC0684CE1953\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7CF3019-975D-40BB-A8A4-894E62BD3797\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6E9EF0C-AFA8-4F7B-9FDC-1E0F7C26E737\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:aff_a250_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D5DE972-F8B8-4964-943A-DA0BD18289D1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:aff_a250:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D4B1F59C-6ADA-4930-834F-2A8A8444F6AE\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:aff_500f_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"578BB9A7-BF28-4068-A9A6-1DE19CEEC293\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:aff_500f:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2AB58180-E5E0-4056-ABF9-A99E9F6A9E86\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:http_server:12.2.1.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"38A45A86-3B7E-4245-B717-2A6E868BE6BE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DFC79B17-E9D2-44D5-93ED-2F959E7A3D43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD04BEE5-E9A8-4584-A68C-0195CE9C402C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3E503FB-6279-4D4A-91D8-E237ECF9D2B0\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8r13:14398:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE49F316-C502-4D7A-AA70-D7745AEDAA93\"}]}]}],\"references\":[{\"url\":\"https://bugzilla.suse.com/show_bug.cgi?id=1190975\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XJIONMHMKZDTMH6BQR5TNLF2WDCGWED/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KVI7RWM2JLNMWTOFK6BDUSGNOIPZYPUT/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W44V2PFQH5YLRN6ZJTVRKAD7CU6CYYET/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20211014-0004/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5586\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.openssh.com/security.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.openssh.com/txt/release-8.8\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://www.openwall.com/lists/oss-security/2021/09/26/1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2022.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2022.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.starwindsoftware.com/security/sw-20220805-0001/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/plugins/nessus/154174\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://bugzilla.suse.com/show_bug.cgi?id=1190975\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XJIONMHMKZDTMH6BQR5TNLF2WDCGWED/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KVI7RWM2JLNMWTOFK6BDUSGNOIPZYPUT/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W44V2PFQH5YLRN6ZJTVRKAD7CU6CYYET/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20211014-0004/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5586\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.openssh.com/security.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.openssh.com/txt/release-8.8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://www.openwall.com/lists/oss-security/2021/09/26/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.starwindsoftware.com/security/sw-20220805-0001/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/plugins/nessus/154174\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
CERTFR-2022-AVI-916
Vulnerability from certfr_avis - Published: 2022-10-13 - Updated: 2022-10-13
De multiples vulnérabilités ont été découvertes dans les produits Juniper. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Juniper Networks | N/A | Contrail Networking versions antérieures à R22.3 | ||
| Juniper Networks | N/A | Paragon Active Assurance (anciennement Netrounds) versions antérieures à 3.1.1 | ||
| Juniper Networks | Junos Space | Junos Space versions antérieures à 22.2R1 | ||
| Juniper Networks | Junos OS Evolved | Junos OS Evolved versions antérieures à 20.4R3-S4-EVO, 21.2R2-EVO, 21.3R2-EVO, 21.4R1-EVO, 21.3R3-EVO, 21.4R2-EVO, 22.1R2-EVO, 22.2R1-EVO, 20.4R3-S3-EVO, 21.1R2-EVO, 21.2R1-EVO, 20.4R3-S4-EVO, 21.3R3-EVO, 21.4R2-EVO, 22.1R2-EVO, 22.2R1-EVO, 20.4R3-S4-EVO, 21.4R3-EVO, 22.1R2-EVO, 22.2R1-EVO, 21.4R3-EVO, 22.1R1-S2-EVO, 22.1R3-EVO, 22.2R2-EVO, 22.3R1-EVO, 20.4R3-S5-EVO, 21.1R3-EVO, 21.2R2-S1-EVO, 21.2R3-EVO, 21.3R2-EVO, 21.4R1-EVO, 21.4R1-S2-EVO, 21.4R2-S1-EVO, 21.4R3-EVO, 22.1R2-EVO, 22.2R1-EVO, 20.4R3-S1-EVO, 21.2R3-EVO, 21.3R2-EVO, 21.4R1-EVO, 20.4R3-S3-EVO, 21.2R3-EVO, 21.3R2-EVO, 21.4R1-S1-EVO, 21.4R2-EVO, 22.1R1-EVO, 20.4R3-S1-EVO, 21.2R1-S2-EVO, 21.2R3-EVO, 21.3R2-EVO, 21.4R1-EVO, 20.4R3-S5-EVO, 21.1R3-S2-EVO, 21.2R3-S1-EVO, 21.3R3-S2-EVO, 21.4R2-EVO, 22.1R2-EVO, 22.2R2-EVO, 22.3R1-EVO, 20.4R3-S4-EVO, 21.1R3-S2-EVO, 21.2R3-EVO, 21.3R2-EVO, 21.4R1-EVO, 20.2R3-S3-EVO, 20.4R3-S1-EVO, 21.3R2-EVO, 21.4R1-EVO, 21.1R3-S2-EVO, 21.2R3-S2-EVO, 21.3R3-EVO, 21.4R1-S1-EVO, 21.4R2-EVO et 22.1R1-EVO | ||
| Juniper Networks | N/A | Contrail Networking versions antérieures à 2011.L5 | ||
| Juniper Networks | N/A | Steel Belted Radius Carrier Edition versions antérieures à 8.6.0R16 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 19.2R3-S6, 20.2R3-S4, 20.3R3-S3, 20.4R3-S4, 21.1R2, 21.2R2, 21.3R2, 21.4R1, 19.1R3-S9, 19.2R3-S6, 19.3R3-S7, 19.4R2-S7, 19.4R3-S9, 20.2R3-S5, 20.3R3-S4, 20.4R3-S4, 21.1R3-S1, 21.2R3, 21.3R2, 21.4R1-S2, 21.4R2, 22.1R1, 19.4R2-S6, 19.4R3-S7, 20.1R3-S3, 20.2R3-S4, 20.3R3-S3, 20.4R3-S2, 21.1R3, 21.2R3, 21.3R1-S2, 21.3R2, 21.4R1, 19.1R3-S9, 19.2R3-S5, 19.3R3-S3, 19.4R3-S9, 20.1R3, 20.2R3-S1, 20.3R3, 20.4R3, 21.1R2, 21.2R1, 15.1R7-S11, 18.4R2-S10, 18.4R3-S10, 19.1R3-S8, 19.2R3-S4, 19.3R3-S5, 19.4R2-S6, 19.4R3-S7, 20.1R3-S3, 20.2R3-S3, 20.3R3-S2, 20.4R3-S4, 21.1R3, 21.2R3-S3, 21.3R3-S1, 21.4R1, 15.1R7-S13, 19.1R3-S9, 19.2R3-S6, 19.3R3-S6, 19.4R2-S7, 19.4R3-S8, 20.2R3-S5, 20.3R3-S5, 20.4R3-S2, 21.1R3, 21.2R3, 21.3R2, 21.4R1, 18.4R2-S10, 18.4R3-S10, 19.1R3-S7, 19.2R1-S8, 19.2R3-S4, 19.4R3-S8, 20.2R3-S3, 20.3R3-S2, 20.4R3, 21.1R2, 21.2R1, 19.4R2-S8, 19.4R3-S9, 20.2R3-S5, 20.3R3-S5, 20.4R3-S4, 21.1R3-S3, 21.2R3-S2, 21.3R3-S1, 21.4R2-S1, 21.4R3, 22.1R1-S2, 22.1R3, 22.2R1-S1, 22.2R2, 22.3R1, 21.3R3-S2, 21.4R2-S2, 21.4R3, 22.1R1-S2, 22.1R3, 22.2R2, 22.3R1, 21.2R3-S1, 21.3R2-S2, 21.3R3, 21.4R2-S1, 21.4R3, 22.1R1-S1, 22.1R2, 22.2R1, 21.4R1-S2, 21.4R2-S1, 21.4R3, 22.1R2, 22.2R1, 21.4R1-S2, 21.4R2, 22.1R1-S1, 22.1R2, 22.2R1, 17.3R3-S12, 17.4R2-S13, 17.4R3-S5, 18.1R3-S13, 18.2R3-S8, 18.3R3-S5, 18.4R1-S8, 18.4R2-S6, 18.4R3-S6, 19.1R3-S4, 19.2R1-S7, 19.2R3-S1, 19.3R2-S6, 19.3R3-S1, 19.4R1-S4, 19.4R2-S4, 19.4R3-S1, 20.1R2, 20.2R2-S3, 20.2R3, 20.3R2, 20.4R1, 21.1R3-S2, 21.2R3-S1, 21.3R3, 21.4R2, 22.1R2, 22.2R1, 20.2R3-S5, 20.3R3-S4, 20.4R3-S3, 21.1R3-S2, 21.2R3-S1, 21.3R3, 21.4R1-S2, 21.4R2, 22.1R1-S1, 22.1R2, 22.2R1, 18.4R3-S11, 19.1R3-S9, 19.2R1-S9, 19.2R3-S5, 19.3R3-S6, 19.4R2-S7, 19.4R3-S8, 20.1R3-S4, 20.2R3-S4, 20.3R3-S4, 20.4R3-S3, 21.1R3-S1, 21.2R3, 21.3R2, 21.4R2, 22.1R1, 19.2R3-S5, 19.3R3-S5, 19.4R2-S6, 19.4R3-S8, 20.2R3-S4, 20.3R3-S3, 20.4R3-S3, 21.1R3-S1, 21.2R3, 21.3R2, 21.4R1-S1, 21.4R2, 22.1R1, 19.4R3-S9, 20.2R3-S5, 20.3R3-S2, 20.4R3-S1, 21.1R3, 21.2R1-S2, 21.2R2-S1, 21.2R3, 21.3R2, 21.4R1, 21.4R1-S2, 21.4R2, 22.1R1, 19.2R3-S6, 19.4R2-S8, 19.4R3-S9, 20.2R3-S5, 20.3R3-S5, 20.4R3-S4, 21.1R3-S2, 21.2R3-S1, 21.3R3-S2, 21.4R2, 22.1R2, 22.3R1, 18.4R2-S9, 18.4R3-S11, 19.1R3-S8, 19.3R3-S5, 19.4R2-S6, 19.4R3-S6, 20.2R3-S3, 20.3R3-S2, 20.4R3-S1, 21.1R3-S3, 21.2R2-S1, 21.2R3, 21.3R1, 19.1R3-S9, 19.2R3-S6, 19.3R3-S7, 19.4R3-S9, 20.1R3-S5, 20.2R3-S5, 20.3R3-S5, 20.4R3-S4, 21.1R3-S2, 21.3R3, 21.4R3, 22.1R2, 22.2R1, 19.4R3-S8, 20.1R3-S2, 20.2R3-S3, 20.3R3-S2, 20.4R3-S1, 21.1R3, 21.2R1-S2, 21.2R3, 21.3R2, 21.4R1, 20.4R3-S4, 21.1R3-S2, 21.2R3-S2, 21.3R2-S2, 21.3R3, 21.4R1-S2, 21.4R2, 21.4R3, 22.1R1-S1, 22.1R2 et 22.2R1 | ||
| Juniper Networks | Session Smart Router | Session Smart Router versions antérieures à 5.4.7 | ||
| Juniper Networks | Session Smart Router | Session Smart Router versions 5.5.x antérieures à 5.5.3 | ||
| Juniper Networks | N/A | Paragon Active Assurance (anciennement Netrounds) versions 3.2.x antérieures à 3.2.1 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Contrail Networking versions ant\u00e9rieures \u00e0 R22.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Paragon Active Assurance (anciennement Netrounds) versions ant\u00e9rieures \u00e0 3.1.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos Space versions ant\u00e9rieures \u00e0 22.2R1",
"product": {
"name": "Junos Space",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 20.4R3-S4-EVO, 21.2R2-EVO, 21.3R2-EVO, 21.4R1-EVO, 21.3R3-EVO, 21.4R2-EVO, 22.1R2-EVO, 22.2R1-EVO, 20.4R3-S3-EVO, 21.1R2-EVO, 21.2R1-EVO, 20.4R3-S4-EVO, 21.3R3-EVO, 21.4R2-EVO, 22.1R2-EVO, 22.2R1-EVO, 20.4R3-S4-EVO, 21.4R3-EVO, 22.1R2-EVO, 22.2R1-EVO, 21.4R3-EVO, 22.1R1-S2-EVO, 22.1R3-EVO, 22.2R2-EVO, 22.3R1-EVO, 20.4R3-S5-EVO, 21.1R3-EVO, 21.2R2-S1-EVO, 21.2R3-EVO, 21.3R2-EVO, 21.4R1-EVO, 21.4R1-S2-EVO, 21.4R2-S1-EVO, 21.4R3-EVO, 22.1R2-EVO, 22.2R1-EVO, 20.4R3-S1-EVO, 21.2R3-EVO, 21.3R2-EVO, 21.4R1-EVO, 20.4R3-S3-EVO, 21.2R3-EVO, 21.3R2-EVO, 21.4R1-S1-EVO, 21.4R2-EVO, 22.1R1-EVO, 20.4R3-S1-EVO, 21.2R1-S2-EVO, 21.2R3-EVO, 21.3R2-EVO, 21.4R1-EVO, 20.4R3-S5-EVO, 21.1R3-S2-EVO, 21.2R3-S1-EVO, 21.3R3-S2-EVO, 21.4R2-EVO, 22.1R2-EVO, 22.2R2-EVO, 22.3R1-EVO, 20.4R3-S4-EVO, 21.1R3-S2-EVO, 21.2R3-EVO, 21.3R2-EVO, 21.4R1-EVO, 20.2R3-S3-EVO, 20.4R3-S1-EVO, 21.3R2-EVO, 21.4R1-EVO, 21.1R3-S2-EVO, 21.2R3-S2-EVO, 21.3R3-EVO, 21.4R1-S1-EVO, 21.4R2-EVO et 22.1R1-EVO",
"product": {
"name": "Junos OS Evolved",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Contrail Networking versions ant\u00e9rieures \u00e0 2011.L5",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Steel Belted Radius Carrier Edition versions ant\u00e9rieures \u00e0 8.6.0R16",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 19.2R3-S6, 20.2R3-S4, 20.3R3-S3, 20.4R3-S4, 21.1R2, 21.2R2, 21.3R2, 21.4R1, 19.1R3-S9, 19.2R3-S6, 19.3R3-S7, 19.4R2-S7, 19.4R3-S9, 20.2R3-S5, 20.3R3-S4, 20.4R3-S4, 21.1R3-S1, 21.2R3, 21.3R2, 21.4R1-S2, 21.4R2, 22.1R1, 19.4R2-S6, 19.4R3-S7, 20.1R3-S3, 20.2R3-S4, 20.3R3-S3, 20.4R3-S2, 21.1R3, 21.2R3, 21.3R1-S2, 21.3R2, 21.4R1, 19.1R3-S9, 19.2R3-S5, 19.3R3-S3, 19.4R3-S9, 20.1R3, 20.2R3-S1, 20.3R3, 20.4R3, 21.1R2, 21.2R1, 15.1R7-S11, 18.4R2-S10, 18.4R3-S10, 19.1R3-S8, 19.2R3-S4, 19.3R3-S5, 19.4R2-S6, 19.4R3-S7, 20.1R3-S3, 20.2R3-S3, 20.3R3-S2, 20.4R3-S4, 21.1R3, 21.2R3-S3, 21.3R3-S1, 21.4R1, 15.1R7-S13, 19.1R3-S9, 19.2R3-S6, 19.3R3-S6, 19.4R2-S7, 19.4R3-S8, 20.2R3-S5, 20.3R3-S5, 20.4R3-S2, 21.1R3, 21.2R3, 21.3R2, 21.4R1, 18.4R2-S10, 18.4R3-S10, 19.1R3-S7, 19.2R1-S8, 19.2R3-S4, 19.4R3-S8, 20.2R3-S3, 20.3R3-S2, 20.4R3, 21.1R2, 21.2R1, 19.4R2-S8, 19.4R3-S9, 20.2R3-S5, 20.3R3-S5, 20.4R3-S4, 21.1R3-S3, 21.2R3-S2, 21.3R3-S1, 21.4R2-S1, 21.4R3, 22.1R1-S2, 22.1R3, 22.2R1-S1, 22.2R2, 22.3R1, 21.3R3-S2, 21.4R2-S2, 21.4R3, 22.1R1-S2, 22.1R3, 22.2R2, 22.3R1, 21.2R3-S1, 21.3R2-S2, 21.3R3, 21.4R2-S1, 21.4R3, 22.1R1-S1, 22.1R2, 22.2R1, 21.4R1-S2, 21.4R2-S1, 21.4R3, 22.1R2, 22.2R1, 21.4R1-S2, 21.4R2, 22.1R1-S1, 22.1R2, 22.2R1, 17.3R3-S12, 17.4R2-S13, 17.4R3-S5, 18.1R3-S13, 18.2R3-S8, 18.3R3-S5, 18.4R1-S8, 18.4R2-S6, 18.4R3-S6, 19.1R3-S4, 19.2R1-S7, 19.2R3-S1, 19.3R2-S6, 19.3R3-S1, 19.4R1-S4, 19.4R2-S4, 19.4R3-S1, 20.1R2, 20.2R2-S3, 20.2R3, 20.3R2, 20.4R1, 21.1R3-S2, 21.2R3-S1, 21.3R3, 21.4R2, 22.1R2, 22.2R1, 20.2R3-S5, 20.3R3-S4, 20.4R3-S3, 21.1R3-S2, 21.2R3-S1, 21.3R3, 21.4R1-S2, 21.4R2, 22.1R1-S1, 22.1R2, 22.2R1, 18.4R3-S11, 19.1R3-S9, 19.2R1-S9, 19.2R3-S5, 19.3R3-S6, 19.4R2-S7, 19.4R3-S8, 20.1R3-S4, 20.2R3-S4, 20.3R3-S4, 20.4R3-S3, 21.1R3-S1, 21.2R3, 21.3R2, 21.4R2, 22.1R1, 19.2R3-S5, 19.3R3-S5, 19.4R2-S6, 19.4R3-S8, 20.2R3-S4, 20.3R3-S3, 20.4R3-S3, 21.1R3-S1, 21.2R3, 21.3R2, 21.4R1-S1, 21.4R2, 22.1R1, 19.4R3-S9, 20.2R3-S5, 20.3R3-S2, 20.4R3-S1, 21.1R3, 21.2R1-S2, 21.2R2-S1, 21.2R3, 21.3R2, 21.4R1, 21.4R1-S2, 21.4R2, 22.1R1, 19.2R3-S6, 19.4R2-S8, 19.4R3-S9, 20.2R3-S5, 20.3R3-S5, 20.4R3-S4, 21.1R3-S2, 21.2R3-S1, 21.3R3-S2, 21.4R2, 22.1R2, 22.3R1, 18.4R2-S9, 18.4R3-S11, 19.1R3-S8, 19.3R3-S5, 19.4R2-S6, 19.4R3-S6, 20.2R3-S3, 20.3R3-S2, 20.4R3-S1, 21.1R3-S3, 21.2R2-S1, 21.2R3, 21.3R1, 19.1R3-S9, 19.2R3-S6, 19.3R3-S7, 19.4R3-S9, 20.1R3-S5, 20.2R3-S5, 20.3R3-S5, 20.4R3-S4, 21.1R3-S2, 21.3R3, 21.4R3, 22.1R2, 22.2R1, 19.4R3-S8, 20.1R3-S2, 20.2R3-S3, 20.3R3-S2, 20.4R3-S1, 21.1R3, 21.2R1-S2, 21.2R3, 21.3R2, 21.4R1, 20.4R3-S4, 21.1R3-S2, 21.2R3-S2, 21.3R2-S2, 21.3R3, 21.4R1-S2, 21.4R2, 21.4R3, 22.1R1-S1, 22.1R2 et 22.2R1",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Session Smart Router versions ant\u00e9rieures \u00e0 5.4.7",
"product": {
"name": "Session Smart Router",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Session Smart Router versions 5.5.x ant\u00e9rieures \u00e0 5.5.3",
"product": {
"name": "Session Smart Router",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Paragon Active Assurance (anciennement Netrounds) versions 3.2.x ant\u00e9rieures \u00e0 3.2.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-1343",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1343"
},
{
"name": "CVE-2022-22243",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22243"
},
{
"name": "CVE-2022-1473",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1473"
},
{
"name": "CVE-2020-25710",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25710"
},
{
"name": "CVE-2021-45960",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45960"
},
{
"name": "CVE-2022-24407",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24407"
},
{
"name": "CVE-2021-35586",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35586"
},
{
"name": "CVE-2022-22238",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22238"
},
{
"name": "CVE-2022-22249",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22249"
},
{
"name": "CVE-2021-35550",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35550"
},
{
"name": "CVE-2022-22227",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22227"
},
{
"name": "CVE-2016-0701",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0701"
},
{
"name": "CVE-2021-25220",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25220"
},
{
"name": "CVE-2021-35567",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35567"
},
{
"name": "CVE-2021-31535",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31535"
},
{
"name": "CVE-2021-42574",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42574"
},
{
"name": "CVE-2020-27777",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27777"
},
{
"name": "CVE-2022-22208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22208"
},
{
"name": "CVE-2022-1292",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
},
{
"name": "CVE-2017-5929",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5929"
},
{
"name": "CVE-2022-22218",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22218"
},
{
"name": "CVE-2021-20271",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20271"
},
{
"name": "CVE-2022-22823",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22823"
},
{
"name": "CVE-2022-22201",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22201"
},
{
"name": "CVE-2020-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0466"
},
{
"name": "CVE-2021-42771",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42771"
},
{
"name": "CVE-2021-29154",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29154"
},
{
"name": "CVE-2018-20532",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20532"
},
{
"name": "CVE-2022-22246",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22246"
},
{
"name": "CVE-2007-6755",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-6755"
},
{
"name": "CVE-2020-29661",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29661"
},
{
"name": "CVE-2022-22250",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22250"
},
{
"name": "CVE-2022-22192",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22192"
},
{
"name": "CVE-2019-12735",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12735"
},
{
"name": "CVE-2022-22239",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22239"
},
{
"name": "CVE-2022-25315",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25315"
},
{
"name": "CVE-2022-22822",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22822"
},
{
"name": "CVE-2022-22241",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22241"
},
{
"name": "CVE-2020-25212",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25212"
},
{
"name": "CVE-2019-2435",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2435"
},
{
"name": "CVE-2021-27363",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27363"
},
{
"name": "CVE-2022-22226",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22226"
},
{
"name": "CVE-2015-9262",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9262"
},
{
"name": "CVE-2021-4160",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4160"
},
{
"name": "CVE-2020-24394",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24394"
},
{
"name": "CVE-2021-35559",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35559"
},
{
"name": "CVE-2021-3573",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3573"
},
{
"name": "CVE-2019-19532",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19532"
},
{
"name": "CVE-2020-14314",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14314"
},
{
"name": "CVE-2021-27364",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27364"
},
{
"name": "CVE-2021-35565",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35565"
},
{
"name": "CVE-2022-22229",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22229"
},
{
"name": "CVE-2018-20534",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20534"
},
{
"name": "CVE-2016-4658",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4658"
},
{
"name": "CVE-2021-35603",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35603"
},
{
"name": "CVE-2021-28165",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28165"
},
{
"name": "CVE-2022-23852",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23852"
},
{
"name": "CVE-2022-22225",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22225"
},
{
"name": "CVE-2020-12364",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12364"
},
{
"name": "CVE-2022-22825",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22825"
},
{
"name": "CVE-2021-3711",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3711"
},
{
"name": "CVE-2022-22245",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22245"
},
{
"name": "CVE-2022-25314",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25314"
},
{
"name": "CVE-2022-0330",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0330"
},
{
"name": "CVE-2022-23990",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23990"
},
{
"name": "CVE-2019-1543",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1543"
},
{
"name": "CVE-2018-10689",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10689"
},
{
"name": "CVE-2016-2124",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2124"
},
{
"name": "CVE-2021-27365",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27365"
},
{
"name": "CVE-2020-8648",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8648"
},
{
"name": "CVE-2022-25235",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25235"
},
{
"name": "CVE-2020-27170",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27170"
},
{
"name": "CVE-2020-25705",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25705"
},
{
"name": "CVE-2018-25032",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-25032"
},
{
"name": "CVE-2022-0847",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0847"
},
{
"name": "CVE-2020-14385",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14385"
},
{
"name": "CVE-2022-22232",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22232"
},
{
"name": "CVE-2019-18282",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18282"
},
{
"name": "CVE-2020-12321",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12321"
},
{
"name": "CVE-2022-22240",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22240"
},
{
"name": "CVE-2021-46143",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46143"
},
{
"name": "CVE-2019-20811",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20811"
},
{
"name": "CVE-2020-12363",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12363"
},
{
"name": "CVE-2021-43527",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43527"
},
{
"name": "CVE-2022-22942",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22942"
},
{
"name": "CVE-2021-3656",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3656"
},
{
"name": "CVE-2021-35588",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35588"
},
{
"name": "CVE-2022-22234",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22234"
},
{
"name": "CVE-2022-22242",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22242"
},
{
"name": "CVE-2022-1271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1271"
},
{
"name": "CVE-2021-22543",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22543"
},
{
"name": "CVE-2022-22251",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22251"
},
{
"name": "CVE-2008-5161",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5161"
},
{
"name": "CVE-2022-22244",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22244"
},
{
"name": "CVE-2019-20934",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20934"
},
{
"name": "CVE-2021-29650",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29650"
},
{
"name": "CVE-2021-3715",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3715"
},
{
"name": "CVE-2022-22233",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22233"
},
{
"name": "CVE-2021-4155",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4155"
},
{
"name": "CVE-2021-45417",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45417"
},
{
"name": "CVE-2020-10769",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10769"
},
{
"name": "CVE-2018-20533",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20533"
},
{
"name": "CVE-2021-3564",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3564"
},
{
"name": "CVE-2020-25656",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25656"
},
{
"name": "CVE-2021-3752",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3752"
},
{
"name": "CVE-2022-22224",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22224"
},
{
"name": "CVE-2021-20265",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20265"
},
{
"name": "CVE-2021-3177",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3177"
},
{
"name": "CVE-2020-25211",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25211"
},
{
"name": "CVE-2022-0492",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0492"
},
{
"name": "CVE-2022-22827",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22827"
},
{
"name": "CVE-2022-22247",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22247"
},
{
"name": "CVE-2020-12362",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12362"
},
{
"name": "CVE-2019-0205",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0205"
},
{
"name": "CVE-2021-22555",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22555"
},
{
"name": "CVE-2021-3347",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3347"
},
{
"name": "CVE-2022-25236",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25236"
},
{
"name": "CVE-2022-0778",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0778"
},
{
"name": "CVE-2021-37576",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37576"
},
{
"name": "CVE-2021-35578",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35578"
},
{
"name": "CVE-2020-28374",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28374"
},
{
"name": "CVE-2021-0920",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0920"
},
{
"name": "CVE-2022-22199",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22199"
},
{
"name": "CVE-2021-42550",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42550"
},
{
"name": "CVE-2021-3712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3712"
},
{
"name": "CVE-2022-22236",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22236"
},
{
"name": "CVE-2020-7053",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7053"
},
{
"name": "CVE-2022-22248",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22248"
},
{
"name": "CVE-2019-9518",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9518"
},
{
"name": "CVE-2022-22220",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22220"
},
{
"name": "CVE-2021-32399",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32399"
},
{
"name": "CVE-2021-35564",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35564"
},
{
"name": "CVE-2022-22826",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22826"
},
{
"name": "CVE-2022-22228",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22228"
},
{
"name": "CVE-2021-23840",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23840"
},
{
"name": "CVE-2020-14351",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14351"
},
{
"name": "CVE-2020-25709",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25709"
},
{
"name": "CVE-2022-1434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1434"
},
{
"name": "CVE-2020-25643",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25643"
},
{
"name": "CVE-2022-22223",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22223"
},
{
"name": "CVE-2020-25645",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25645"
},
{
"name": "CVE-2021-35556",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35556"
},
{
"name": "CVE-2020-25717",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25717"
},
{
"name": "CVE-2021-3765",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3765"
},
{
"name": "CVE-2021-41617",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41617"
},
{
"name": "CVE-2021-4034",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4034"
},
{
"name": "CVE-2022-24903",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24903"
},
{
"name": "CVE-2022-22824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22824"
},
{
"name": "CVE-2019-1551",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1551"
},
{
"name": "CVE-2019-2684",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2684"
},
{
"name": "CVE-2021-0543",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0543"
},
{
"name": "CVE-2021-3653",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3653"
},
{
"name": "CVE-2022-22231",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22231"
},
{
"name": "CVE-2021-35561",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35561"
},
{
"name": "CVE-2022-22235",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22235"
},
{
"name": "CVE-2020-0427",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0427"
},
{
"name": "CVE-2020-28469",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28469"
},
{
"name": "CVE-2022-22211",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22211"
},
{
"name": "CVE-2020-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0465"
},
{
"name": "CVE-2022-22230",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22230"
},
{
"name": "CVE-2022-22237",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22237"
},
{
"name": "CVE-2021-37750",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37750"
}
],
"initial_release_date": "2022-10-13T00:00:00",
"last_revision_date": "2022-10-13T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-916",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-10-13T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
"vendor_advisories": [
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69906",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-MX-Series-An-FPC-crash-might-be-seen-due-to-mac-moves-within-the-same-bridge-domain-CVE-2022-22249"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69885",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-SRX-Series-If-UTM-Enhanced-Content-Filtering-and-AntiVirus-are-enabled-and-specific-traffic-is-processed-the-PFE-will-crash-CVE-2022-22231"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69888",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-SRX-Series-Cache-poisoning-vulnerability-in-BIND-used-by-DNS-Proxy-CVE-2021-25220"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69886",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-SRX-Series-If-Unified-Threat-Management-UTM-Enhanced-Content-Filtering-CF-is-enabled-and-specific-traffic-is-processed-the-PFE-will-crash-CVE-2022-22232"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69899",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-Multiple-vulnerabilities-in-J-Web"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69881",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-SBR-Carrier-Multiple-Vulnerabilities-resolved-in-version-8-6-0R16-64-bit-Solaris-and-Linux-editions"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69894",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-The-rpd-process-will-crash-when-a-malformed-incoming-RESV-message-is-processed-CVE-2022-22238"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69898",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-RPD-core-upon-receipt-of-a-specific-EVPN-route-by-a-BGP-route-reflector-in-an-EVPN-environment-CVE-2022-22199"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69895",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-Evolved-The-ssh-CLI-command-always-runs-as-root-which-can-lead-to-privilege-escalation-CVE-2022-22239"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69908",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-cSRX-Series-Storing-Passwords-in-a-Recoverable-Format-and-software-permissions-issues-allows-a-local-attacker-to-elevate-privileges-CVE-2022-22251"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69874",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-PPMD-goes-into-infinite-loop-upon-receipt-of-malformed-OSPF-TLV-CVE-2022-22224"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69902",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Due-to-a-race-condition-the-rpd-process-can-crash-upon-receipt-of-a-BGP-update-message-containing-flow-spec-route-CVE-2022-22220"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69879",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-An-rpd-crash-can-occur-due-to-memory-corruption-caused-by-flapping-BGP-sessions-CVE-2022-22208"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69890",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-EX2300-and-EX3400-Series-One-of-more-SFPs-might-become-unavailable-when-the-system-is-very-busy-CVE-2022-22234"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69875",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-In-a-BGP-multipath-scenario-when-one-of-the-contributing-routes-is-flapping-often-and-rapidly-rpd-may-crash-CVE-2022-22225"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69915",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-Evolved-PTX-Series-An-attacker-can-cause-a-kernel-panic-by-sending-a-malformed-TCP-packet-to-the-device-CVE-2022-22192"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69878",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-Evolved-ACX7000-Series-Specific-IPv6-transit-traffic-gets-exceptioned-to-the-routing-engine-which-will-cause-increased-CPU-utilization-CVE-2022-22227"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69907",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-An-FPC-might-crash-and-reload-if-the-EVPN-MAC-entry-is-move-from-local-to-remote-CVE-2022-22250"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69891",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-SRX-Series-A-flowd-core-will-be-observed-when-malformed-GPRS-traffic-is-processed-CVE-2022-22235"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69882",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-Space-Multiple-vulnerabilities-resolved-in-22-2R1-release"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69876",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-EX4300-MP-EX4600-QFX5000-Series-In-VxLAN-scenarios-specific-packets-processed-cause-a-memory-leak-leading-to-a-PFE-crash-CVE-2022-22226"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69892",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-SRX-Series-and-MX-Series-When-specific-valid-SIP-packets-are-received-the-PFE-will-crash-CVE-2022-22236"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69889",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Session-Smart-Router-Multiple-vulnerabilities-resolved"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69887",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-In-an-SR-to-LDP-interworking-scenario-with-SRMS-when-a-specific-low-privileged-command-is-issued-on-an-ABR-rpd-will-crash-CVE-2022-22233"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69903",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Contrail-Networking-Multiple-Vulnerabilities-have-been-resolved-in-Contrail-Networking-R22-3"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69900",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-SRX5000-Series-with-SPC3-SRX4000-Series-and-vSRX-When-PowerMode-IPsec-is-configured-the-PFE-will-crash-upon-receipt-of-a-malformed-ESP-packet-CVE-2022-22201"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69884",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-RPD-crash-upon-receipt-of-specific-OSPFv3-LSAs-CVE-2022-22230"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69901",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-SRX-Series-Upon-processing-of-a-genuine-packet-the-pkid-process-will-crash-during-CMPv2-auto-re-enrollment-CVE-2022-22218"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69905",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-Evolved-Incorrect-file-permissions-can-allow-low-privileged-user-to-cause-another-user-to-execute-arbitrary-commands-CVE-2022-22248"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69893",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-Peers-not-configured-for-TCP-AO-can-establish-a-BGP-or-LDP-session-even-if-authentication-is-configured-locally-CVE-2022-22237"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69904",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-Evolved-Kernel-processing-of-unvalidated-TCP-segments-could-lead-to-a-Denial-of-Service-DoS-CVE-2022-22247"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69880",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-On-IPv6-OAM-SRv6-network-enabled-devices-an-attacker-sending-a-specific-genuine-packet-to-an-IPv6-address-configured-on-the-device-may-cause-a-RPD-memory-leak-leading-to-an-RPD-core-CVE-2022-22228"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69873",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-QFX10000-Series-In-IP-MPLS-PHP-node-scenarios-upon-receipt-of-certain-crafted-packets-multiple-interfaces-in-LAG-configurations-may-detach-CVE-2022-22223"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69896",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-An-rpd-memory-leak-might-be-observed-while-running-a-specific-cli-command-in-a-RIB-sharding-scenario-CVE-2022-22240"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69897",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Contrail-Networking-Multiple-Vulnerabilities-have-been-resolved-in-Contrail-Networking-release-2011-L5"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69916",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-Evolved-PTX-Series-Multiple-FPCs-become-unreachable-due-to-continuous-polling-of-specific-SNMP-OID-CVE-2022-22211"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69883",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Paragon-Active-Assurance-Formerly-Netrounds-Stored-Cross-site-Scripting-XSS-vulnerability-in-web-administration-CVE-2022-22229"
}
]
}
CERTFR-2022-AVI-650
Vulnerability from certfr_avis - Published: 2022-07-15 - Updated: 2022-07-15
De multiples vulnérabilités ont été découvertes dans les produits Juniper. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Juniper Networks | Junos OS | Junos OS sur plateformes MX versions 20.4.x antérieures à 20.4R3-S2 | ||
| Juniper Networks | Junos OS | Junos OS versions 21.1.x antérieures à 21.1R3-S1 | ||
| Juniper Networks | Junos OS Evolved | Junos OS Evolved versions 21.1.x aantérieures à 21.1R3-S1-EVO | ||
| Juniper Networks | Junos OS | Junos OS versions 18.3.x antérieures à 18.3R3-S6 | ||
| Juniper Networks | Junos OS | Junos OS versions 17.3.x antérieures à 17.3R3-S12 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes SRX versions 20.4.x antérieures à 20.4R3-S2, 20.4R3-S3 | ||
| Juniper Networks | Junos OS | Junos OS versions 21.4.x antérieures à 21.4R1-S2, 21.4R2 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes PTX versions 19.2.x antérieures à 19.2R1-S8, 19.2R3-S6 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes EX versions antérieures à 19.2R1-S9, 19.2R3-S5 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes EX versions 20.3.x antérieures à 20.3R3-S3 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes PTX versions 19.3.x antérieures à 19.3R3-S6 | ||
| Juniper Networks | Junos OS Evolved | Junos OS Evolved versions 21.3.x antérieures à 21.3R2-S1-EVO, 21.3R3-EVO | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes QFX versions 21.2.x antérieures à 21.2R2-S1, 21.2R3 | ||
| Juniper Networks | Junos Space | Junos Space versions antérieures à 22.1R1 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes PTX versions 22.1.x antérieures à 22.1R2 | ||
| Juniper Networks | Junos OS | Junos OS versions 19.2.x antérieures à 19.2R1-S9, 19.2R3-S6 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes EX versions 19.3.x antérieures à 19.3R3-S6 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes EX versions 20.1.x antérieures à 20.1R3-S4 | ||
| Juniper Networks | N/A | Junos Space Security Director Policy Enforcer versions antérieures à 22.1R1 | ||
| Juniper Networks | Junos OS | Junos OS versions 21.2.x antérieures à 21.2R2-S2, 21.2R3 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes QFX versions 19.4.x antérieures à 19.4R2-S6, 19.4R3-S8 | ||
| Juniper Networks | Junos OS | Junos OS versions 19.4.x antérieures à 19.4R2-S6, 19.4R3-S8 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes MX versions supérieures à 20.1R1 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes QFX versions 20.1.x antérieures à 20.1R3-S4 | ||
| Juniper Networks | Junos OS | Junos OS versions 19.1.x antérieures à 19.1R2-S3, 19.1R3-S8 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X49, 15.1X49-D100 et suivantes antérieures à 19.2R3-S5 | ||
| Juniper Networks | Junos OS Evolved | Junos OS Evolved versions 21.2.x antérieures à 21.2R1-S1-EVO, 21.2R3-EVO | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes EX versions 20.4.x antérieures à 20.4R3-S2, 20.4R3-S3 | ||
| Juniper Networks | Junos OS | Junos OS versions 20.2.x antérieures à 20.2R3-S5 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes MX versions 21.1.x antérieures à 21.1R2, 21.1R3-S2 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes QFX versions 19.2.x antérieures à 19.2R1-S9, 19.2R3-S5 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes EX versions 21.1.x antérieures à 21.1R3-S1 | ||
| Juniper Networks | Junos OS | Junos OS versions 21.3.x antérieures à 21.3R2-S1, 21.3R3 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes SRX versions 21.4.x antérieures à 21.4R1-S1, 21.4R2 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes SRX versions 19.3.x antérieures à 19.3R3-S6 | ||
| Juniper Networks | N/A | Juniper Networks Contrail Networking versions antérieures à 21.4.0 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes PTX versions 19.4.x antérieures à 19.4R2-S5, 19.4R3-S8 | ||
| Juniper Networks | N/A | Contrôleur Juniper Networks NorthStar versions antérieures à 5.1.0 Service Pack 6 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes MX versions 20.2.x antérieures à 20.2R3-S5 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes QFX versions 20.4.x antérieures à 20.4R3-S2 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes SRX versions 20.2.x antérieures à 20.2R3-S4 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes PTX versions 21.2.x antérieures à 21.2R1-S1, 21.2R2, 21.2R3-S1 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes PTX versions 20.2.x antérieures à 20.2R3-S5 | ||
| Juniper Networks | Junos OS Evolved | Junos OS Evolved versions 21.4.x antérieures à 21.4R1-S1-EVO, 21.4R2-EVO | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes SRX versions antérieures à 19.2R1-S9, 19.2R3-S5 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes EX versions 19.4.x antérieures à 19.4R3-S8 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes PTX toutes versions antérieures à 19.1R3-S9 | ||
| Juniper Networks | Junos OS | Junos OS versions 19.3.x antérieures à 19.3R2-S7, 19.3R3-S6 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes EX versions 21.3.x antérieures à 21.3R1-S2, 21.3R2, 21.3R3 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes PTX versions 20.1.x antérieures à 20.1R3-S4 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes QFX versions 21.3.x antérieures à 21.3R2 | ||
| Juniper Networks | Junos OS | Junos OS versions 20.3.x antérieures à 20.3R3-S4 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes QFX versions 20.3.x antérieures à 20.3R3-S3 | ||
| Juniper Networks | Junos OS | Junos OS versions 18.4.x antérieures à 18.4R2-S10, 18.4R3-S9 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes EX versions 21.2.x antérieures à 21.2R2-S2, 21.2R3 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes SRX versions 21.1.x antérieures à 21.1R3-S2 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes EX versions 20.2.x antérieures à 20.2R3-S4 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes SRX versions 21.2.x antérieures à 21.2R2-S3, 21.2R3 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1.x antérieures à 15.1R7-S10 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes SRX versions 20.1.x antérieures à 20.1R3-S4 | ||
| Juniper Networks | Junos OS Evolved | Junos OS Evolved versions antérieures à 20.4R3-S3-EVO | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes EX versions 21.4.x antérieures à 21.4R1-S1, 21.4R2 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes QFX versions 19.3.x antérieures à 19.3R3-S6 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 12.3R12-S21 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes MX versions 21.3.x antérieures à 21.3R2 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes QFX versions 21.1.x antérieures à 21.1R2-S1, 21.1R3 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes MX versions 20.3.x antérieures à 20.3R3-S4 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes PTX versions 20.4.x antérieures à 20.4R3-S4 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes SRX versions 19.4.x antérieures à 19.4R3-S8 | ||
| Juniper Networks | Junos OS | Junos OS versions 20.1.x antérieures à 20.1R3-S4 | ||
| Juniper Networks | N/A | Contrôleur Juniper Networks NorthStar versions 6.x antérieures à 6.2.2 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes QFX versions antérieures à 19.1R3-S9 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes QFX versions 20.2.x antérieures à 20.2R3-S4 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes PTX versions 21.1.x antérieures à 21.1R2-S1, 21.1R3-S2 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes SRX versions 20.3.x antérieures à 20.3R3-S3 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes SRX versions 21.3.x antérieures à 21.3R1-S2, 21.3R2, 21.3R3 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes PTX versions 20.3.x antérieures à 20.3R3-S4 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes MX versions 21.4.x antérieures à 21.4R2 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes PTX versions 21.4.x antérieures à 21.4R2 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes MX versions 21.2.x antérieures à 21.2R2-S2 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes PTX versions 21.3.x antérieures à 21.3R3 | ||
| Juniper Networks | Junos OS | Junos OS versions 20.4.x antérieures à 20.4R2-S2, 20.4R3-S3 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Junos OS sur plateformes MX versions 20.4.x ant\u00e9rieures \u00e0 20.4R3-S2",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 21.1.x ant\u00e9rieures \u00e0 21.1R3-S1",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 21.1.x aant\u00e9rieures \u00e0 21.1R3-S1-EVO",
"product": {
"name": "Junos OS Evolved",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 18.3.x ant\u00e9rieures \u00e0 18.3R3-S6",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.3.x ant\u00e9rieures \u00e0 17.3R3-S12",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes SRX versions 20.4.x ant\u00e9rieures \u00e0 20.4R3-S2, 20.4R3-S3",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 21.4.x ant\u00e9rieures \u00e0 21.4R1-S2, 21.4R2",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes PTX versions 19.2.x ant\u00e9rieures \u00e0 19.2R1-S8, 19.2R3-S6",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes EX versions ant\u00e9rieures \u00e0 19.2R1-S9, 19.2R3-S5",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes EX versions 20.3.x ant\u00e9rieures \u00e0 20.3R3-S3",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes PTX versions 19.3.x ant\u00e9rieures \u00e0 19.3R3-S6",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 21.3.x ant\u00e9rieures \u00e0 21.3R2-S1-EVO, 21.3R3-EVO",
"product": {
"name": "Junos OS Evolved",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes QFX versions 21.2.x ant\u00e9rieures \u00e0 21.2R2-S1, 21.2R3",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos Space versions ant\u00e9rieures \u00e0 22.1R1",
"product": {
"name": "Junos Space",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes PTX versions 22.1.x ant\u00e9rieures \u00e0 22.1R2",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 19.2.x ant\u00e9rieures \u00e0 19.2R1-S9, 19.2R3-S6",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes EX versions 19.3.x ant\u00e9rieures \u00e0 19.3R3-S6",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes EX versions 20.1.x ant\u00e9rieures \u00e0 20.1R3-S4",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos Space Security Director Policy Enforcer versions ant\u00e9rieures \u00e0 22.1R1",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 21.2.x ant\u00e9rieures \u00e0 21.2R2-S2, 21.2R3",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes QFX versions 19.4.x ant\u00e9rieures \u00e0 19.4R2-S6, 19.4R3-S8",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 19.4.x ant\u00e9rieures \u00e0 19.4R2-S6, 19.4R3-S8",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes MX versions sup\u00e9rieures \u00e0 20.1R1",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes QFX versions 20.1.x ant\u00e9rieures \u00e0 20.1R3-S4",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 19.1.x ant\u00e9rieures \u00e0 19.1R2-S3, 19.1R3-S8",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X49, 15.1X49-D100 et suivantes ant\u00e9rieures \u00e0 19.2R3-S5",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 21.2.x ant\u00e9rieures \u00e0 21.2R1-S1-EVO, 21.2R3-EVO",
"product": {
"name": "Junos OS Evolved",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes EX versions 20.4.x ant\u00e9rieures \u00e0 20.4R3-S2, 20.4R3-S3",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 20.2.x ant\u00e9rieures \u00e0 20.2R3-S5",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes MX versions 21.1.x ant\u00e9rieures \u00e0 21.1R2, 21.1R3-S2",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes QFX versions 19.2.x ant\u00e9rieures \u00e0 19.2R1-S9, 19.2R3-S5",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes EX versions 21.1.x ant\u00e9rieures \u00e0 21.1R3-S1",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 21.3.x ant\u00e9rieures \u00e0 21.3R2-S1, 21.3R3",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes SRX versions 21.4.x ant\u00e9rieures \u00e0 21.4R1-S1, 21.4R2",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes SRX versions 19.3.x ant\u00e9rieures \u00e0 19.3R3-S6",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Juniper Networks Contrail Networking versions ant\u00e9rieures \u00e0 21.4.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes PTX versions 19.4.x ant\u00e9rieures \u00e0 19.4R2-S5, 19.4R3-S8",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Contr\u00f4leur Juniper Networks NorthStar versions ant\u00e9rieures \u00e0 5.1.0 Service Pack 6",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes MX versions 20.2.x ant\u00e9rieures \u00e0 20.2R3-S5",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes QFX versions 20.4.x ant\u00e9rieures \u00e0 20.4R3-S2",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes SRX versions 20.2.x ant\u00e9rieures \u00e0 20.2R3-S4",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes PTX versions 21.2.x ant\u00e9rieures \u00e0 21.2R1-S1, 21.2R2, 21.2R3-S1",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes PTX versions 20.2.x ant\u00e9rieures \u00e0 20.2R3-S5",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 21.4.x ant\u00e9rieures \u00e0 21.4R1-S1-EVO, 21.4R2-EVO",
"product": {
"name": "Junos OS Evolved",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes SRX versions ant\u00e9rieures \u00e0 19.2R1-S9, 19.2R3-S5",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes EX versions 19.4.x ant\u00e9rieures \u00e0 19.4R3-S8",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes PTX toutes versions ant\u00e9rieures \u00e0 19.1R3-S9",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 19.3.x ant\u00e9rieures \u00e0 19.3R2-S7, 19.3R3-S6",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes EX versions 21.3.x ant\u00e9rieures \u00e0 21.3R1-S2, 21.3R2, 21.3R3",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes PTX versions 20.1.x ant\u00e9rieures \u00e0 20.1R3-S4",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes QFX versions 21.3.x ant\u00e9rieures \u00e0 21.3R2",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 20.3.x ant\u00e9rieures \u00e0 20.3R3-S4",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes QFX versions 20.3.x ant\u00e9rieures \u00e0 20.3R3-S3",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 18.4.x ant\u00e9rieures \u00e0 18.4R2-S10, 18.4R3-S9",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes EX versions 21.2.x ant\u00e9rieures \u00e0 21.2R2-S2, 21.2R3",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes SRX versions 21.1.x ant\u00e9rieures \u00e0 21.1R3-S2",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes EX versions 20.2.x ant\u00e9rieures \u00e0 20.2R3-S4",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes SRX versions 21.2.x ant\u00e9rieures \u00e0 21.2R2-S3, 21.2R3",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1.x ant\u00e9rieures \u00e0 15.1R7-S10",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes SRX versions 20.1.x ant\u00e9rieures \u00e0 20.1R3-S4",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 20.4R3-S3-EVO",
"product": {
"name": "Junos OS Evolved",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes EX versions 21.4.x ant\u00e9rieures \u00e0 21.4R1-S1, 21.4R2",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes QFX versions 19.3.x ant\u00e9rieures \u00e0 19.3R3-S6",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 12.3R12-S21",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes MX versions 21.3.x ant\u00e9rieures \u00e0 21.3R2",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes QFX versions 21.1.x ant\u00e9rieures \u00e0 21.1R2-S1, 21.1R3",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes MX versions 20.3.x ant\u00e9rieures \u00e0 20.3R3-S4",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes PTX versions 20.4.x ant\u00e9rieures \u00e0 20.4R3-S4",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes SRX versions 19.4.x ant\u00e9rieures \u00e0 19.4R3-S8",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 20.1.x ant\u00e9rieures \u00e0 20.1R3-S4",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Contr\u00f4leur Juniper Networks NorthStar versions 6.x ant\u00e9rieures \u00e0 6.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes QFX versions ant\u00e9rieures \u00e0 19.1R3-S9",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes QFX versions 20.2.x ant\u00e9rieures \u00e0 20.2R3-S4",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes PTX versions 21.1.x ant\u00e9rieures \u00e0 21.1R2-S1, 21.1R3-S2",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes SRX versions 20.3.x ant\u00e9rieures \u00e0 20.3R3-S3",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes SRX versions 21.3.x ant\u00e9rieures \u00e0 21.3R1-S2, 21.3R2, 21.3R3",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes PTX versions 20.3.x ant\u00e9rieures \u00e0 20.3R3-S4",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes MX versions 21.4.x ant\u00e9rieures \u00e0 21.4R2",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes PTX versions 21.4.x ant\u00e9rieures \u00e0 21.4R2",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes MX versions 21.2.x ant\u00e9rieures \u00e0 21.2R2-S2",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes PTX versions 21.3.x ant\u00e9rieures \u00e0 21.3R3",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 20.4.x ant\u00e9rieures \u00e0 20.4R2-S2, 20.4R3-S3",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2012-0876",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0876"
},
{
"name": "CVE-2003-0001",
"url": "https://www.cve.org/CVERecord?id=CVE-2003-0001"
},
{
"name": "CVE-2015-2716",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2716"
},
{
"name": "CVE-2015-1283",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1283"
},
{
"name": "CVE-2013-7422",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-7422"
},
{
"name": "CVE-2015-7705",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7705"
},
{
"name": "CVE-2015-8035",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8035"
},
{
"name": "CVE-2016-2516",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2516"
},
{
"name": "CVE-2016-4612",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4612"
},
{
"name": "CVE-2016-4610",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4610"
},
{
"name": "CVE-2016-4608",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4608"
},
{
"name": "CVE-2016-4609",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4609"
},
{
"name": "CVE-2016-4607",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4607"
},
{
"name": "CVE-2016-5131",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5131"
},
{
"name": "CVE-2016-4658",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4658"
},
{
"name": "CVE-2016-4738",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4738"
},
{
"name": "CVE-2016-5300",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5300"
},
{
"name": "CVE-2016-9063",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9063"
},
{
"name": "CVE-2016-8618",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8618"
},
{
"name": "CVE-2016-8622",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8622"
},
{
"name": "CVE-2016-8619",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8619"
},
{
"name": "CVE-2016-5180",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5180"
},
{
"name": "CVE-2016-9538",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9538"
},
{
"name": "CVE-2016-9539",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9539"
},
{
"name": "CVE-2017-0553",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0553"
},
{
"name": "CVE-2017-7375",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7375"
},
{
"name": "CVE-2017-1000368",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000368"
},
{
"name": "CVE-2017-10989",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10989"
},
{
"name": "CVE-2017-7525",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7525"
},
{
"name": "CVE-2017-15412",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15412"
},
{
"name": "CVE-2017-8817",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8817"
},
{
"name": "CVE-2015-8385",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8385"
},
{
"name": "CVE-2015-8388",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8388"
},
{
"name": "CVE-2015-2327",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2327"
},
{
"name": "CVE-2017-16931",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16931"
},
{
"name": "CVE-2015-8394",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8394"
},
{
"name": "CVE-2015-8387",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8387"
},
{
"name": "CVE-2015-8391",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8391"
},
{
"name": "CVE-2015-8380",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8380"
},
{
"name": "CVE-2016-3191",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3191"
},
{
"name": "CVE-2015-8390",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8390"
},
{
"name": "CVE-2015-8386",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8386"
},
{
"name": "CVE-2015-2328",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2328"
},
{
"name": "CVE-2017-18258",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18258"
},
{
"name": "CVE-2018-9251",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9251"
},
{
"name": "CVE-2018-7489",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7489"
},
{
"name": "CVE-2017-15095",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15095"
},
{
"name": "CVE-2017-17485",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17485"
},
{
"name": "CVE-2019-9518",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9518"
},
{
"name": "CVE-2018-14721",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14721"
},
{
"name": "CVE-2019-8457",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8457"
},
{
"name": "CVE-2019-1354",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1354"
},
{
"name": "CVE-2019-1352",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1352"
},
{
"name": "CVE-2019-1387",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1387"
},
{
"name": "CVE-2019-1349",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1349"
},
{
"name": "CVE-2019-1350",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1350"
},
{
"name": "CVE-2019-17267",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17267"
},
{
"name": "CVE-2020-2754",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2754"
},
{
"name": "CVE-2020-2756",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2756"
},
{
"name": "CVE-2020-2805",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2805"
},
{
"name": "CVE-2020-2830",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2830"
},
{
"name": "CVE-2020-2757",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2757"
},
{
"name": "CVE-2020-2800",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2800"
},
{
"name": "CVE-2020-2803",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2803"
},
{
"name": "CVE-2020-2755",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2755"
},
{
"name": "CVE-2020-2781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2781"
},
{
"name": "CVE-2020-2773",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2773"
},
{
"name": "CVE-2020-8616",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8616"
},
{
"name": "CVE-2020-8617",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8617"
},
{
"name": "CVE-2019-17571",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17571"
},
{
"name": "CVE-2017-14867",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-14867"
},
{
"name": "CVE-2019-16943",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16943"
},
{
"name": "CVE-2020-14579",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14579"
},
{
"name": "CVE-2020-14577",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14577"
},
{
"name": "CVE-2020-14578",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14578"
},
{
"name": "CVE-2020-14621",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14621"
},
{
"name": "CVE-2020-14583",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14583"
},
{
"name": "CVE-2020-14593",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14593"
},
{
"name": "CVE-2020-14556",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14556"
},
{
"name": "CVE-2020-11656",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11656"
},
{
"name": "CVE-2020-1968",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1968"
},
{
"name": "CVE-2020-15999",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15999"
},
{
"name": "CVE-2020-1747",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1747"
},
{
"name": "CVE-2020-25696",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25696"
},
{
"name": "CVE-2020-13631",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13631"
},
{
"name": "CVE-2020-13435",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13435"
},
{
"name": "CVE-2020-13434",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13434"
},
{
"name": "CVE-2020-15358",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15358"
},
{
"name": "CVE-2020-13630",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13630"
},
{
"name": "CVE-2020-25704",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25704"
},
{
"name": "CVE-2020-1971",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1971"
},
{
"name": "CVE-2021-23839",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23839"
},
{
"name": "CVE-2021-23841",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23841"
},
{
"name": "CVE-2021-23840",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23840"
},
{
"name": "CVE-2021-3177",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3177"
},
{
"name": "CVE-2019-25013",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-25013"
},
{
"name": "CVE-2021-28950",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28950"
},
{
"name": "CVE-2020-36322",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36322"
},
{
"name": "CVE-2021-23017",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23017"
},
{
"name": "CVE-2020-36385",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36385"
},
{
"name": "CVE-2020-10878",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10878"
},
{
"name": "CVE-2020-13632",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13632"
},
{
"name": "CVE-2020-11655",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11655"
},
{
"name": "CVE-2020-29573",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29573"
},
{
"name": "CVE-2020-10029",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10029"
},
{
"name": "CVE-2021-3712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3712"
},
{
"name": "CVE-2020-12049",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12049"
},
{
"name": "CVE-2020-14363",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14363"
},
{
"name": "CVE-2019-18276",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18276"
},
{
"name": "CVE-2021-3520",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3520"
},
{
"name": "CVE-2019-9169",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9169"
},
{
"name": "CVE-2021-3517",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3517"
},
{
"name": "CVE-2021-20271",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20271"
},
{
"name": "CVE-2020-27619",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27619"
},
{
"name": "CVE-2020-8492",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8492"
},
{
"name": "CVE-2021-20227",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20227"
},
{
"name": "CVE-2021-35603",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35603"
},
{
"name": "CVE-2021-35586",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35586"
},
{
"name": "CVE-2021-35559",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35559"
},
{
"name": "CVE-2021-35567",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35567"
},
{
"name": "CVE-2021-35578",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35578"
},
{
"name": "CVE-2021-35550",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35550"
},
{
"name": "CVE-2021-35561",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35561"
},
{
"name": "CVE-2021-35565",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35565"
},
{
"name": "CVE-2021-35588",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35588"
},
{
"name": "CVE-2021-35564",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35564"
},
{
"name": "CVE-2021-35556",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35556"
},
{
"name": "CVE-2021-22946",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22946"
},
{
"name": "CVE-2020-13871",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13871"
},
{
"name": "CVE-2020-25717",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25717"
},
{
"name": "CVE-2016-2124",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2124"
},
{
"name": "CVE-2021-42739",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42739"
},
{
"name": "CVE-2019-9924",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9924"
},
{
"name": "CVE-2019-14892",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14892"
},
{
"name": "CVE-2019-14893",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14893"
},
{
"name": "CVE-2022-21304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21304"
},
{
"name": "CVE-2022-21245",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21245"
},
{
"name": "CVE-2022-21344",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21344"
},
{
"name": "CVE-2022-21270",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21270"
},
{
"name": "CVE-2022-21367",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21367"
},
{
"name": "CVE-2022-21303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21303"
},
{
"name": "CVE-2020-9327",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9327"
},
{
"name": "CVE-2021-41617",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41617"
},
{
"name": "CVE-2019-14379",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14379"
},
{
"name": "CVE-2014-6272",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-6272"
},
{
"name": "CVE-2015-6525",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-6525"
},
{
"name": "CVE-2018-14404",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14404"
},
{
"name": "CVE-2017-1000158",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000158"
},
{
"name": "CVE-2020-14343",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14343"
},
{
"name": "CVE-2018-1000654",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000654"
},
{
"name": "CVE-2014-9471",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9471"
},
{
"name": "CVE-2019-14540",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14540"
},
{
"name": "CVE-2020-8840",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8840"
},
{
"name": "CVE-2019-16942",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16942"
},
{
"name": "CVE-2019-16335",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16335"
},
{
"name": "CVE-2019-17531",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17531"
},
{
"name": "CVE-2019-20330",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20330"
},
{
"name": "CVE-2019-0205",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0205"
},
{
"name": "CVE-2017-12562",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12562"
},
{
"name": "CVE-2018-14567",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14567"
},
{
"name": "CVE-2022-22217",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22217"
},
{
"name": "CVE-2016-4484",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4484"
},
{
"name": "CVE-2015-4042",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4042"
},
{
"name": "CVE-2016-7943",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7943"
},
{
"name": "CVE-2016-6318",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6318"
},
{
"name": "CVE-2017-7500",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7500"
},
{
"name": "CVE-2016-7942",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7942"
},
{
"name": "CVE-2017-9117",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9117"
},
{
"name": "CVE-2022-22203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22203"
},
{
"name": "CVE-2015-5228",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5228"
},
{
"name": "CVE-2021-42574",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42574"
},
{
"name": "CVE-2022-22216",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22216"
},
{
"name": "CVE-2015-7805",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7805"
},
{
"name": "CVE-2017-8779",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8779"
},
{
"name": "CVE-2022-22206",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22206"
},
{
"name": "CVE-2016-7947",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7947"
},
{
"name": "CVE-2016-7951",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7951"
},
{
"name": "CVE-2018-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8088"
},
{
"name": "CVE-2018-6954",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-6954"
},
{
"name": "CVE-2014-9488",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9488"
},
{
"name": "CVE-2018-14720",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14720"
},
{
"name": "CVE-2017-15994",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15994"
},
{
"name": "CVE-2022-22209",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22209"
},
{
"name": "CVE-2015-8540",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8540"
},
{
"name": "CVE-2016-7950",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7950"
},
{
"name": "CVE-2017-14930",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-14930"
},
{
"name": "CVE-2017-8105",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8105"
},
{
"name": "CVE-2016-7949",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7949"
},
{
"name": "CVE-2017-5225",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5225"
},
{
"name": "CVE-2016-1951",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1951"
},
{
"name": "CVE-2017-8871",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8871"
},
{
"name": "CVE-2018-19362",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19362"
},
{
"name": "CVE-2022-22215",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22215"
},
{
"name": "CVE-2015-7036",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7036"
},
{
"name": "CVE-2016-2779",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2779"
},
{
"name": "CVE-2022-22213",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22213"
},
{
"name": "CVE-2016-10195",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10195"
},
{
"name": "CVE-2014-5044",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-5044"
},
{
"name": "CVE-2016-7944",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7944"
},
{
"name": "CVE-2014-9114",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9114"
},
{
"name": "CVE-2014-9474",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9474"
},
{
"name": "CVE-2015-2059",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2059"
},
{
"name": "CVE-2022-22207",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22207"
},
{
"name": "CVE-2022-22205",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22205"
},
{
"name": "CVE-2022-22204",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22204"
},
{
"name": "CVE-2017-5929",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5929"
},
{
"name": "CVE-2018-19361",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19361"
},
{
"name": "CVE-2017-10685",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10685"
},
{
"name": "CVE-2021-33574",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33574"
},
{
"name": "CVE-2015-8947",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8947"
},
{
"name": "CVE-2019-9893",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9893"
},
{
"name": "CVE-2016-1238",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1238"
},
{
"name": "CVE-2016-7948",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7948"
},
{
"name": "CVE-2014-9746",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9746"
},
{
"name": "CVE-2018-14719",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14719"
},
{
"name": "CVE-2016-2052",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2052"
},
{
"name": "CVE-2021-3487",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3487"
},
{
"name": "CVE-2022-22214",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22214"
},
{
"name": "CVE-2014-4043",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-4043"
},
{
"name": "CVE-2022-22221",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22221"
},
{
"name": "CVE-2022-22212",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22212"
},
{
"name": "CVE-2017-16548",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16548"
},
{
"name": "CVE-2021-36690",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36690"
},
{
"name": "CVE-2014-9939",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9939"
},
{
"name": "CVE-2017-11164",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11164"
},
{
"name": "CVE-2015-3308",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3308"
},
{
"name": "CVE-2017-7614",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7614"
},
{
"name": "CVE-2022-22202",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22202"
},
{
"name": "CVE-2017-8421",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8421"
},
{
"name": "CVE-2017-14062",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-14062"
},
{
"name": "CVE-2018-14718",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14718"
},
{
"name": "CVE-2022-22218",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22218"
},
{
"name": "CVE-2017-10684",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10684"
},
{
"name": "CVE-2022-22210",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22210"
},
{
"name": "CVE-2017-13716",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13716"
},
{
"name": "CVE-2021-37750",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37750"
},
{
"name": "CVE-2015-5602",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5602"
},
{
"name": "CVE-2018-11307",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11307"
},
{
"name": "CVE-2018-19360",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19360"
},
{
"name": "CVE-2017-17434",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17434"
},
{
"name": "CVE-2017-8287",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8287"
},
{
"name": "CVE-2017-8804",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8804"
}
],
"initial_release_date": "2022-07-15T00:00:00",
"last_revision_date": "2022-07-15T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-650",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-07-15T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69723 du 13 juillet 2022",
"url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-Space-Security-Director-Policy-Enforcer-upgraded-to-CentOS-7-9"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69722 du 13 juillet 2022",
"url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-Space-Multiple-vulnerabilities-resolved-in-22-2R1-release-CVE-2022-22218"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69713 du 13 juillet 2022",
"url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-RIB-and-PFEs-can-get-out-of-sync-due-to-a-memory-leak-caused-by-interface-flaps-or-route-churn-CVE-2022-22209"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69710 du 13 juillet 2022",
"url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-SRX-series-The-PFE-will-crash-when-specific-traffic-is-scanned-by-Enhanced-Web-Filtering-safe-search-CVE-2022-22206"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69717 du 13 juillet 2022",
"url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Denial-of-Service-DoS-vulnerability-in-RPD-upon-receipt-of-specific-BGP-update-CVE-2022-22213"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69707 du 13 juillet 2022",
"url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-EX4600-Series-and-QFX5000-Series-Receipt-of-specific-traffic-will-lead-to-an-fxpc-process-crash-followed-by-an-FPC-reboot-CVE-2022-22203"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69714 du 13 juillet 2022",
"url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-QFX5000-Series-and-MX-Series-An-l2alm-crash-leading-to-an-FPC-crash-can-be-observed-in-VxLAN-scenario-CVE-2022-22210"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69718 du 13 juillet 2022",
"url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-In-an-MPLS-scenario-upon-receipt-of-a-specific-IPv6-packet-an-FPC-will-crash-CVE-2022-22214"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69726 du 13 juillet 2022",
"url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Contrail-Networking-Multiple-vulnerabilities-resolved-in-Contrail-Networking-21-4"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69711 du 13 juillet 2022",
"url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-MX-Series-with-MPC11-In-a-GNF-node-slicing-scenario-gathering-AF-interface-statistics-can-lead-to-a-kernel-crash-CVE-2022-22207"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69715 du 13 juillet 2022",
"url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-OpenSSL-security-fixes"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69708 du 13 juillet 2022",
"url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-MX-Series-and-SRX-Series-When-receiving-a-specific-SIP-packets-stale-call-table-entries-are-created-which-eventually-leads-to-a-DoS-for-all-SIP-traffic-CVE-2022-22204"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69716 du 13 juillet 2022",
"url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-Evolved-A-high-rate-of-specific-hostbound-traffic-will-cause-unexpected-hostbound-traffic-delays-or-drops-CVE-2022-22212"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69719 du 13 juillet 2022",
"url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-var-run-pid-env-files-are-potentially-not-deleted-during-termination-of-a-gRPC-connection-causing-inode-exhaustion-CVE-2022-22215"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69703 du 13 juillet 2022",
"url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Northstar-Controller-nginx-component-allows-remote-attacker-to-cause-worker-process-crash-or-potentially-arbitrary-code-execution-CVE-2021-23017-2"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69721 du 13 juillet 2022",
"url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-QFX10k-Series-Denial-of-Service-DoS-upon-receipt-of-crafted-MLD-packets-on-multi-homing-ESI-in-VXLAN-CVE-2022-22217"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69720 du 13 juillet 2022",
"url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-PTX-Series-and-QFX10000-Series-Etherleak-memory-disclosure-in-Ethernet-padding-data-CVE-2022-22216"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69725 du 13 juillet 2022",
"url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-SRX-and-EX-Series-Local-privilege-escalation-flaw-in-download-functionality-CVE-2022-22221"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69705 du 13 juillet 2022",
"url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Multiple-vulnerabilities-in-SQLite-resolved"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69709 du 13 juillet 2022",
"url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-SRX-Series-An-FPC-memory-leak-can-occur-in-an-APBR-scenario-CVE-2022-22205"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69706 du 13 juillet 2022",
"url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-PTX-Series-FPCs-may-restart-unexpectedly-upon-receipt-of-specific-MPLS-packets-with-certain-multi-unit-interface-configurations-CVE-2022-22202"
}
]
}
CERTFR-2024-AVI-0585
Vulnerability from certfr_avis - Published: 2024-07-16 - Updated: 2024-07-16
De multiples vulnérabilités ont été découvertes dans les produits VMware. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu | VMware Tanzu Application Service for VMs versions 2.11.x antérieures à 2.11.55, versions 2.13.x antérieures à 2.13.37, versions 4.x LTS antérieures à 4.0.20+LTS-T, versions 5.x antérieures à 5.0.10 | ||
| VMware | Tanzu | CF Deployment versions antérieures à 30.0.0 | ||
| VMware | Tanzu | Operations Manager versions 2.x antérieures à 2.10.71, versions 3.x LTS antérieures à 3.0.25+LTS-T | ||
| VMware | Tanzu | Cflinuxfs4 versions antérieures à 1.83.0 | ||
| VMware | Tanzu | Cflinuxfs3 versions antérieures à 0.388.0 | ||
| VMware | Tanzu | Isolation Segment versions 2.11.x antérieures à 2.11.49, versions 2.13.x antérieures à 2.13.34, versions 4.x LTS antérieures à 4.0.20+LTS-T, versions 5.x antérieures à 5.0.10 | ||
| VMware | Tanzu | Tanzu Greenplum for Kubernetes versions antérieures à 2.0.0 | ||
| VMware | Tanzu | Platform Automation Toolkit versions 4.0.x antérieures à 4.0.13, versions 4.1.x antérieures à 4.1.13, versions 4.2.x antérieures à 4.2.8, versions 4.3.x antérieures à 4.3.5, versions 4.4.x antérieures à 4.4.32, versions 5.0.x antérieures à 5.0.25, versions 5.1.x antérieures à 5.1.2 | ||
| VMware | Tanzu | Xenial Stemcell versions antérieures à 621.897 | ||
| VMware | Tanzu | Jammy Stemcells versions antérieures à 1.486 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "VMware Tanzu Application Service for VMs versions 2.11.x ant\u00e9rieures \u00e0 2.11.55, versions 2.13.x ant\u00e9rieures \u00e0 2.13.37, versions 4.x LTS ant\u00e9rieures \u00e0 4.0.20+LTS-T, versions 5.x ant\u00e9rieures \u00e0 5.0.10",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "CF Deployment versions ant\u00e9rieures \u00e0 30.0.0",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Operations Manager versions 2.x ant\u00e9rieures \u00e0 2.10.71, versions 3.x LTS ant\u00e9rieures \u00e0 3.0.25+LTS-T",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Cflinuxfs4 versions ant\u00e9rieures \u00e0 1.83.0",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Cflinuxfs3 versions ant\u00e9rieures \u00e0 0.388.0",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Isolation Segment versions 2.11.x ant\u00e9rieures \u00e0 2.11.49, versions 2.13.x ant\u00e9rieures \u00e0 2.13.34, versions 4.x LTS ant\u00e9rieures \u00e0 4.0.20+LTS-T, versions 5.x ant\u00e9rieures \u00e0 5.0.10",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Greenplum for Kubernetes versions ant\u00e9rieures \u00e0 2.0.0",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Platform Automation Toolkit versions 4.0.x ant\u00e9rieures \u00e0 4.0.13, versions 4.1.x ant\u00e9rieures \u00e0 4.1.13, versions 4.2.x ant\u00e9rieures \u00e0 4.2.8, versions 4.3.x ant\u00e9rieures \u00e0 4.3.5, versions 4.4.x ant\u00e9rieures \u00e0 4.4.32, versions 5.0.x ant\u00e9rieures \u00e0 5.0.25, versions 5.1.x ant\u00e9rieures \u00e0 5.1.2",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Xenial Stemcell versions ant\u00e9rieures \u00e0 621.897",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Jammy Stemcells versions ant\u00e9rieures \u00e0 1.486",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2023-7104",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7104"
},
{
"name": "CVE-2022-2000",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2000"
},
{
"name": "CVE-2022-46908",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46908"
},
{
"name": "CVE-2023-46218",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
},
{
"name": "CVE-2023-28531",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28531"
},
{
"name": "CVE-2023-51385",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51385"
},
{
"name": "CVE-2023-48237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48237"
},
{
"name": "CVE-2023-48706",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48706"
},
{
"name": "CVE-2023-52425",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52425"
},
{
"name": "CVE-2024-28757",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28757"
},
{
"name": "CVE-2022-1886",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1886"
},
{
"name": "CVE-2023-48235",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48235"
},
{
"name": "CVE-2023-48231",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48231"
},
{
"name": "CVE-2023-48233",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48233"
},
{
"name": "CVE-2023-4813",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4813"
},
{
"name": "CVE-2022-2042",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2042"
},
{
"name": "CVE-2023-5341",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5341"
},
{
"name": "CVE-2023-46219",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46219"
},
{
"name": "CVE-2023-5981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5981"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2022-1897",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1897"
},
{
"name": "CVE-2023-6918",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6918"
},
{
"name": "CVE-2024-22195",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22195"
},
{
"name": "CVE-2023-48236",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48236"
},
{
"name": "CVE-2023-5156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5156"
},
{
"name": "CVE-2024-0553",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0553"
},
{
"name": "CVE-2023-6237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6237"
},
{
"name": "CVE-2022-1725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1725"
},
{
"name": "CVE-2024-22365",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22365"
},
{
"name": "CVE-2024-25062",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25062"
},
{
"name": "CVE-2023-50495",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50495"
},
{
"name": "CVE-2024-0727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0727"
},
{
"name": "CVE-2023-6129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
},
{
"name": "CVE-2023-4641",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4641"
},
{
"name": "CVE-2023-48232",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48232"
},
{
"name": "CVE-2023-6004",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6004"
},
{
"name": "CVE-2023-48234",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48234"
},
{
"name": "CVE-2023-4806",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4806"
},
{
"name": "CVE-2023-46246",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46246"
},
{
"name": "CVE-2022-48624",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48624"
},
{
"name": "CVE-2023-2953",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2953"
},
{
"name": "CVE-2022-1771",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1771"
},
{
"name": "CVE-2023-51384",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51384"
},
{
"name": "CVE-2021-41617",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41617"
},
{
"name": "CVE-2023-39804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39804"
},
{
"name": "CVE-2020-28493",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28493"
},
{
"name": "CVE-2023-5678",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
},
{
"name": "CVE-2024-0567",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0567"
}
],
"initial_release_date": "2024-07-16T00:00:00",
"last_revision_date": "2024-07-16T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0585",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-07-16T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": "2024-07-15",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 24654",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24654"
},
{
"published_at": "2024-07-15",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 24671",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24671"
},
{
"published_at": "2024-07-15",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 24679",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24679"
},
{
"published_at": "2024-07-15",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 24670",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24670"
},
{
"published_at": "2024-07-15",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 24653",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24653"
},
{
"published_at": "2024-07-15",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 24665",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24665"
},
{
"published_at": "2024-07-15",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 24667",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24667"
},
{
"published_at": "2024-07-12",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 24664",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24664"
},
{
"published_at": "2024-07-12",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 24661",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24661"
},
{
"published_at": "2024-07-15",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 24669",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24669"
},
{
"published_at": "2024-07-12",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 24663",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24663"
},
{
"published_at": "2024-07-15",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 24655",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24655"
},
{
"published_at": "2024-07-12",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 24652",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24652"
},
{
"published_at": "2024-07-15",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 24656",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24656"
},
{
"published_at": "2024-07-15",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 24668",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24668"
},
{
"published_at": "2024-07-15",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 24674",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24674"
},
{
"published_at": "2024-07-15",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 24681",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24681"
},
{
"published_at": "2024-07-15",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 24675",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24675"
},
{
"published_at": "2024-07-15",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 24673",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24673"
},
{
"published_at": "2024-07-15",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 24666",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24666"
},
{
"published_at": "2024-07-15",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 24662",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24662"
},
{
"published_at": "2024-07-15",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 24680",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24680"
},
{
"published_at": "2024-07-15",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 24676",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24676"
},
{
"published_at": "2024-07-15",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 24672",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24672"
},
{
"published_at": "2024-07-15",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 24657",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24657"
}
]
}
CERTFR-2024-AVI-0378
Vulnerability from certfr_avis - Published: 2024-05-10 - Updated: 2024-05-10
De multiples vulnérabilités ont été découvertes dans Juniper Junos OS. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Juniper Networks | Junos OS | Junos OS versions 22.2R2 antérieures à 22.2R3-S2 | ||
| Juniper Networks | Junos OS | Junos OS versions 22.3R3 antérieures à 22.3R3-S1 | ||
| Juniper Networks | Junos OS | Junos OS versions 22.4R1 antérieures à 22.4R2-S2 et 22.4R3 | ||
| Juniper Networks | Junos OS | Junos OS versions 22.3R1 antérieures à 22.3R2-S2 | ||
| Juniper Networks | Junos OS | Junos OS versions 23.2 antérieures à 23.2R1-S1 et 23.2R2 | ||
| Juniper Networks | Junos OS | Junos OS et Junos OS Evolved avec OpenSSH versions antérieures à 9.6 | ||
| Juniper Networks | Junos OS | Junos OS versions 21.4R3 antérieures à 21.4R3-S5 |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Junos OS versions 22.2R2 ant\u00e9rieures \u00e0 22.2R3-S2",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 22.3R3 ant\u00e9rieures \u00e0 22.3R3-S1",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 22.4R1 ant\u00e9rieures \u00e0 22.4R2-S2 et 22.4R3",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 22.3R1 ant\u00e9rieures \u00e0 22.3R2-S2",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 23.2 ant\u00e9rieures \u00e0 23.2R1-S1 et 23.2R2",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS et Junos OS Evolved avec OpenSSH versions ant\u00e9rieures \u00e0 9.6",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 21.4R3 ant\u00e9rieures \u00e0 21.4R3-S5",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-12062",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12062"
},
{
"name": "CVE-2019-6110",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6110"
},
{
"name": "CVE-2020-15778",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15778"
},
{
"name": "CVE-2019-6109",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6109"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2019-6111",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6111"
},
{
"name": "CVE-2024-21593",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21593"
},
{
"name": "CVE-2023-38408",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38408"
},
{
"name": "CVE-2018-20685",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20685"
},
{
"name": "CVE-2020-14145",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14145"
},
{
"name": "CVE-2018-15919",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15919"
},
{
"name": "CVE-2021-41617",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41617"
}
],
"initial_release_date": "2024-05-10T00:00:00",
"last_revision_date": "2024-05-10T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA80837 du 09 mai 2024",
"url": "https://supportportal.juniper.net/s/article/2024-05-Reference-Advisory-Junos-OS-and-Junos-OS-Evolved-Multiple-CVEs-reported-in-OpenSSH"
}
],
"reference": "CERTFR-2024-AVI-0378",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-05-10T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Juniper Junos OS.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nprobl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de code\narbitraire \u00e0 distance et un d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Juniper Junos OS",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75732 du 10 mai 2024",
"url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-MX-Series-with-MPC10-MPC11-LC9600-and-MX304-A-specific-MPLS-packet-will-cause-a-PFE-crash-CVE-2024-21593?language=en_US"
}
]
}
CERTFR-2022-AVI-239
Vulnerability from certfr_avis - Published: 2022-03-14 - Updated: 2022-03-14
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Spectrum | IBM Spectrum Protect Plus Container Backup and Restore for Red Hat OpenShift versions 10.1.x antérieures à 10.1.10 | ||
| IBM | Spectrum | IBM Spectrum Protect for Virtual Environments: Data Protection for VMware versions 8.1.x antérieures à 8.1.14 | ||
| IBM | Spectrum | IBM Spectrum Copy Data Management versions 2.2.x antérieures à 2.2.15 | ||
| IBM | Spectrum | IBM Spectrum Protect Backup-Archive Client web user interface versions 8.1.x antérieures à 8.1.14 | ||
| IBM | Spectrum | IBM Spectrum Protect Plus versions 10.1.x antérieures à 10.1.10 | ||
| IBM | Spectrum | IBM Spectrum Protect Plus Container Backup and Restore for Kubernetes versions 10.1.x antérieures à 10.1.10 | ||
| IBM | Spectrum | IBM Spectrum Protect for Virtual Environments: Data Protection for Hyper-V versions 8.1.x antérieures à 8.1.14 | ||
| IBM | Spectrum | IBM Spectrum Protect Client Management Service versions 8.1.x antérieures à 8.1.14 | ||
| IBM | Spectrum | IBM Spectrum Protect Operations Center versions 8.1.x antérieures à 8.1.14 | ||
| IBM | WebSphere | IBM WebSphere Application Server versions 7.0, 8.0, 8.5 et 9.0 avec Content Collector for Email versions 4.0.x antérieures à 4.0.1 | ||
| IBM | Spectrum | IBM Spectrum Protect Plus File Systems Agent versions 10.1.x antérieures à 10.1.10 | ||
| IBM | Spectrum | IBM Spectrum Protect for Space Management versions 8.1.x antérieures à 8.1.14 | ||
| IBM | Spectrum | IBM Spectrum Protect Server versions 8.1.x antérieures à 8.1.14 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM Spectrum Protect Plus Container Backup and Restore for Red Hat OpenShift versions 10.1.x ant\u00e9rieures \u00e0 10.1.10",
"product": {
"name": "Spectrum",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Spectrum Protect for Virtual Environments: Data Protection for VMware versions 8.1.x ant\u00e9rieures \u00e0 8.1.14",
"product": {
"name": "Spectrum",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Spectrum Copy Data Management versions 2.2.x ant\u00e9rieures \u00e0 2.2.15",
"product": {
"name": "Spectrum",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Spectrum Protect Backup-Archive Client web user interface versions 8.1.x ant\u00e9rieures \u00e0 8.1.14",
"product": {
"name": "Spectrum",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Spectrum Protect Plus versions 10.1.x ant\u00e9rieures \u00e0 10.1.10",
"product": {
"name": "Spectrum",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Spectrum Protect Plus Container Backup and Restore for Kubernetes versions 10.1.x ant\u00e9rieures \u00e0 10.1.10",
"product": {
"name": "Spectrum",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Spectrum Protect for Virtual Environments: Data Protection for Hyper-V versions 8.1.x ant\u00e9rieures \u00e0 8.1.14",
"product": {
"name": "Spectrum",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Spectrum Protect Client Management Service versions 8.1.x ant\u00e9rieures \u00e0 8.1.14",
"product": {
"name": "Spectrum",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Spectrum Protect Operations Center versions 8.1.x ant\u00e9rieures \u00e0 8.1.14",
"product": {
"name": "Spectrum",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM WebSphere Application Server versions 7.0, 8.0, 8.5 et 9.0 avec Content Collector for Email versions 4.0.x ant\u00e9rieures \u00e0 4.0.1",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Spectrum Protect Plus File Systems Agent versions 10.1.x ant\u00e9rieures \u00e0 10.1.10",
"product": {
"name": "Spectrum",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Spectrum Protect for Space Management versions 8.1.x ant\u00e9rieures \u00e0 8.1.14",
"product": {
"name": "Spectrum",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Spectrum Protect Server versions 8.1.x ant\u00e9rieures \u00e0 8.1.14",
"product": {
"name": "Spectrum",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-41182",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41182"
},
{
"name": "CVE-2022-0391",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0391"
},
{
"name": "CVE-2021-35517",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35517"
},
{
"name": "CVE-2022-21680",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21680"
},
{
"name": "CVE-2021-39002",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39002"
},
{
"name": "CVE-2021-36090",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36090"
},
{
"name": "CVE-2021-41184",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41184"
},
{
"name": "CVE-2021-41183",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41183"
},
{
"name": "CVE-2021-38926",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38926"
},
{
"name": "CVE-2021-23222",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23222"
},
{
"name": "CVE-2021-29678",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29678"
},
{
"name": "CVE-2020-35508",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35508"
},
{
"name": "CVE-2022-23806",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23806"
},
{
"name": "CVE-2021-23214",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23214"
},
{
"name": "CVE-2022-23773",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23773"
},
{
"name": "CVE-2021-38951",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38951"
},
{
"name": "CVE-2020-8492",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8492"
},
{
"name": "CVE-2021-3156",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3156"
},
{
"name": "CVE-2022-23772",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23772"
},
{
"name": "CVE-2021-23727",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23727"
},
{
"name": "CVE-2021-35578",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35578"
},
{
"name": "CVE-2021-38931",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38931"
},
{
"name": "CVE-2021-3139",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3139"
},
{
"name": "CVE-2021-44716",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44716"
},
{
"name": "CVE-2021-20373",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20373"
},
{
"name": "CVE-2020-15436",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15436"
},
{
"name": "CVE-2021-3712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3712"
},
{
"name": "CVE-2022-0235",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0235"
},
{
"name": "CVE-2021-33026",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33026"
},
{
"name": "CVE-2020-14323",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14323"
},
{
"name": "CVE-2021-44717",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44717"
},
{
"name": "CVE-2021-41617",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41617"
},
{
"name": "CVE-2021-4034",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4034"
},
{
"name": "CVE-2022-21681",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21681"
},
{
"name": "CVE-2020-35513",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35513"
}
],
"initial_release_date": "2022-03-14T00:00:00",
"last_revision_date": "2022-03-14T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-239",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-03-14T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nprobl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de code\narbitraire \u00e0 distance et un d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6562471 du 11 mars 2022",
"url": "https://www.ibm.com/support/pages/node/6562471"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6562895 du 11 mars 2022",
"url": "https://www.ibm.com/support/pages/node/6562895"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6445699 du 11 mars 2022",
"url": "https://www.ibm.com/support/pages/node/6445699"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6562401 du 11 mars 2022",
"url": "https://www.ibm.com/support/pages/node/6562401"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6562843 du 11 mars 2022",
"url": "https://www.ibm.com/support/pages/node/6562843"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6562849 du 11 mars 2022",
"url": "https://www.ibm.com/support/pages/node/6562849"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6562873 du 11 mars 2022",
"url": "https://www.ibm.com/support/pages/node/6562873"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6562383 du 11 mars 2022",
"url": "https://www.ibm.com/support/pages/node/6562383"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6562405 du 11 mars 2022",
"url": "https://www.ibm.com/support/pages/node/6562405"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6562919 du 11 mars 2022",
"url": "https://www.ibm.com/support/pages/node/6562919"
}
]
}
CERTFR-2023-AVI-1015
Vulnerability from certfr_avis - Published: 2023-12-12 - Updated: 2023-12-12
De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une élévation de privilèges.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Siemens | N/A | SIMATIC S7-1500 CPU 1517-3 PN/DP (6ES7517-3AP00-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SCALANCE M876-3 (EVDO) (6GK5876-3AA02-2BA2) versions antérieures à V8.0 | ||
| Siemens | N/A | SIMATIC CP 1243-1 (incl. SIPLUS variants) toutes versions | ||
| Siemens | N/A | SCALANCE M876-3 (EVDO) (6GK5876-3AA02-2BA2) toutes versions | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1518-4 PN/DP (6ES7518-4AP00-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TL03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) versions antérieures à V7.2.2 | ||
| Siemens | N/A | SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) toutes versions | ||
| Siemens | N/A | Opcenter Quality toutes versions | ||
| Siemens | N/A | SIMATIC Drive Controller CPU 1504D TF (6ES7615-4DF10-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) versions antérieures à V8.0 | ||
| Siemens | N/A | SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) versions antérieures à V8.0 | ||
| Siemens | N/A | SCALANCE M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2) versions antérieures à V8.0 | ||
| Siemens | N/A | LOGO! 24CE (6ED1052-1CC08-0BA1) toutes versions supérieures ou égales à V8.3 | ||
| Siemens | N/A | SCALANCE M804PB (6GK5804-0AP00-2AA2) toutes versions | ||
| Siemens | N/A | SIMATIC S7-400 CPU 412-2 PN V7 (6ES7412-2EK07-0AB0) toutes versions | ||
| Siemens | N/A | SCALANCE M876-4 (6GK5876-4AA10-2BA2) versions antérieures à V7.2.2 | ||
| Siemens | N/A | SIMATIC PC-Station Plus toutes versions | ||
| Siemens | N/A | POWER METER SICAM Q100 (7KG9501-0AA01-2AA1) versions antérieures à V2.60 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1517TF-3 PN/DP (6ES7517-3UP00-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AL03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIPLUS S7-400 CPU 416-3 PN/DP V7 (6AG1416-3ES07-7AB0) toutes versions | ||
| Siemens | N/A | SCALANCE M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2) toutes versions | ||
| Siemens | N/A | LOGO! 24CEo (6ED1052-2CC08-0BA1) toutes versions supérieures ou égales à V8.3 | ||
| Siemens | N/A | SINUMERIK MC toutes versions | ||
| Siemens | N/A | SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) toutes versions | ||
| Siemens | N/A | SIPLUS LOGO! 24RCEo (6AG1052-2HB08-7BA1) toutes versions supérieures ou égales à V8.3 | ||
| Siemens | N/A | SCALANCE M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2) toutes versions | ||
| Siemens | N/A | SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) toutes versions | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AN03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) versions antérieures à V8.0 | ||
| Siemens | N/A | SCALANCE M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2) toutes versions | ||
| Siemens | N/A | LOGO! 230RCE (6ED1052-1FB08-0BA1) toutes versions supérieures ou égales à V8.3 | ||
| Siemens | N/A | SIMATIC CP 1543-1 (6GK7543-1AX00-0XE0) toutes versions | ||
| Siemens | N/A | SINUMERIK ONE toutes versions | ||
| Siemens | N/A | SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) versions antérieures à V8.0 | ||
| Siemens | N/A | SCALANCE M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2) versions antérieures à V7.2.2 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UL03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIPLUS S7-1500 CPU 1518F-4 PN/DP (6AG1518-4FP00-4AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIMATIC Drive Controller CPU 1507D TF (6ES7615-7DF10-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) toutes versions | ||
| Siemens | N/A | SCALANCE M874-2 (6GK5874-2AA00-2AA2) versions antérieures à V7.2.2 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FP03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FM03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) toutes versions | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UN03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) versions antérieures à V8.0 | ||
| Siemens | N/A | SCALANCE S615 EEC (6GK5615-0AA01-2AA2) versions antérieures à V8.0 | ||
| Siemens | N/A | SINAMICS S120 (incl. SIPLUS variants) versions antérieures à V5.2 SP3 HF15 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CL03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIPLUS LOGO! 12/24RCE (6AG1052-1MD08-7BA1) toutes versions supérieures ou égales à V8.3 | ||
| Siemens | N/A | LOGO! 24RCEo (6ED1052-2HB08-0BA1) toutes versions supérieures ou égales à V8.3 | ||
| Siemens | N/A | SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) versions antérieures à V7.2.2 | ||
| Siemens | N/A | SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) versions antérieures à V7.2.2 | ||
| Siemens | N/A | POWER METER SICAM Q100 (7KG9501-0AA31-2AA1) versions antérieures à V2.60 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1510SP F-1 PN (6ES7510-1SK03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIPLUS NET CP 1543-1 (6AG1543-1AX00-2XE0) toutes versions | ||
| Siemens | N/A | SINUMERIK Integrate RunMyHMI /Automotive toutes versions | ||
| Siemens | N/A | SIMATIC S7-400 CPU 416-3 PN/DP V7 (6ES7416-3ES07-0AB0) toutes versions | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1510SP-1 PN (6ES7510-1DK03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SCALANCE M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2) versions antérieures à V8.0 | ||
| Siemens | N/A | SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) versions antérieures à V7.2.2 | ||
| Siemens | N/A | SCALANCE M874-2 (6GK5874-2AA00-2AA2) versions antérieures à V8.0 | ||
| Siemens | N/A | SCALANCE M876-4 (6GK5876-4AA10-2BA2) versions antérieures à V8.0 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1516T-3 PN/DP (6ES7516-3TN00-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TN03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SINAMICS S210 (6SL5...) versions supérieures ou égales àV6.1 versions antérieures à V6.1 HF2 | ||
| Siemens | N/A | SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) toutes versions | ||
| Siemens | N/A | SCALANCE M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2) versions antérieures à V7.2.2 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1516TF-3 PN/DP (6ES7516-3UN00-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1518TF-4 PN/DP (6ES7518-4UP00-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1512SP F-1 PN (6ES7512-1SM03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) toutes versions | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1512SP-1 PN (6ES7512-1DM03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIPLUS LOGO! 24CEo (6AG1052-2CC08-7BA1) toutes versions supérieures ou égales à V8.3 | ||
| Siemens | N/A | SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) toutes versions | ||
| Siemens | N/A | SIPLUS LOGO! 230RCEo (6AG1052-2FB08-7BA1) toutes versions supérieures ou égales à V8.3 | ||
| Siemens | N/A | SIMATIC STEP 7 (TIA Portal) versions antérieures à V19 | ||
| Siemens | N/A | RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) toutes versions | ||
| Siemens | N/A | SIMATIC S7-PLCSIM Advanced versions antérieures à V6.0 | ||
| Siemens | N/A | SIMATIC S7-400 CPU 414F-3 PN/DP V7 (6ES7414-3FM07-0AB0) toutes versions | ||
| Siemens | N/A | SCALANCE S615 (6GK5615-0AA00-2AA2) toutes versions | ||
| Siemens | N/A | SCALANCE M874-3 (6GK5874-3AA00-2AA2) toutes versions | ||
| Siemens | N/A | SCALANCE M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2) versions antérieures à V8.0 | ||
| Siemens | N/A | SCALANCE S615 EEC (6GK5615-0AA01-2AA2) toutes versions | ||
| Siemens | N/A | LOGO! 230RCEo (6ED1052-2FB08-0BA1) toutes versions supérieures ou égales à V8.3 | ||
| Siemens | N/A | RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) versions antérieures à V7.2.2 | ||
| Siemens | N/A | SIPLUS LOGO! 230RCE (6AG1052-1FB08-7BA1) toutes versions supérieures ou égales à V8.3 | ||
| Siemens | N/A | SCALANCE M874-2 (6GK5874-2AA00-2AA2) toutes versions | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1514SPT F-2 PN (6ES7514-2WN03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1514SP F-2 PN (6ES7514-2SN03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FN03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) versions antérieures à V7.2.2 | ||
| Siemens | N/A | SCALANCE M876-3 (EVDO) (6GK5876-3AA02-2BA2) versions antérieures à V7.2.2 | ||
| Siemens | N/A | SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) toutes versions | ||
| Siemens | N/A | SCALANCE M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2) toutes versions | ||
| Siemens | N/A | SIMATIC PCS neo versions antérieures à V4.1 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AP03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SCALANCE M804PB (6GK5804-0AP00-2AA2) versions antérieures à V8.0 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1514SP-2 PN (6ES7514-2DN03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SINAMICS S210 (6SL5...) versions supérieures à V6.1 et antérieure à V6.1 HF2 | ||
| Siemens | N/A | SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) versions antérieures à V7.2.2 | ||
| Siemens | N/A | SIPLUS LOGO! 12/24RCEo (6AG1052-2MD08-7BA1) toutes versions supérieures ou égales à V8.3 | ||
| Siemens | N/A | SIPLUS S7-400 CPU 414-3 PN/DP V7 (6AG1414-3EM07-7AB0) toutes versions | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1514SPT-2 PN (6ES7514-2VN03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SCALANCE S615 EEC (6GK5615-0AA01-2AA2) versions antérieures à V7.2.2 | ||
| Siemens | N/A | SIPLUS S7-1500 CPU 1518-4 PN/DP (6AG1518-4AP00-4AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP00-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SCALANCE M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2) versions antérieures à V7.2.2 | ||
| Siemens | N/A | SCALANCE M874-3 (6GK5874-3AA00-2AA2) versions antérieures à V7.2.2 | ||
| Siemens | N/A | SINEC INS versions antérieures à V1.0 SP2 Update 2 | ||
| Siemens | N/A | LOGO! 12/24RCE (6ED1052-1MD08-0BA1) toutes versions supérieures ou égales à V8.3 | ||
| Siemens | N/A | SCALANCE M874-3 (6GK5874-3AA00-2AA2) versions antérieures à V8.0 | ||
| Siemens | N/A | SIMATIC CP 1243-7 LTE toutes versions | ||
| Siemens | N/A | SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) versions antérieures à V8.0 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AM03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP01-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SCALANCE S615 (6GK5615-0AA00-2AA2) versions antérieures à V8.0 | ||
| Siemens | N/A | SIMATIC S7-400 CPU 414-3 PN/DP V7 (6ES7414-3EM07-0AB0) toutes versions | ||
| Siemens | N/A | LOGO! 24RCE (6ED1052-1HB08-0BA1) toutes versions supérieures ou égales à V8.3 | ||
| Siemens | N/A | SCALANCE M804PB (6GK5804-0AP00-2AA2) versions antérieures à V7.2.2 | ||
| Siemens | N/A | SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) versions antérieures à V7.2.2 | ||
| Siemens | N/A | SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) toutes versions | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CM03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | LOGO! 12/24RCEo (6ED1052-2MD08-0BA1) toutes versions supérieures ou égales à V8.3 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1518F-4 PN/DP (6ES7518-4FP00-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) versions antérieures à V8.0 | ||
| Siemens | N/A | SCALANCE M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2) versions antérieures à V7.2.2 | ||
| Siemens | N/A | SIPLUS LOGO! 24RCE (6AG1052-1HB08-7BA1) toutes versions supérieures ou égales à V8.3 | ||
| Siemens | N/A | SIMATIC S7-400 CPU 416F-3 PN/DP V7 (6ES7416-3FS07-0AB0) toutes versions | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) versions antérieures à V8.0 | ||
| Siemens | N/A | SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) versions antérieures à V8.0 | ||
| Siemens | N/A | Totally Integrated Automation Portal (TIA Portal) versions V14 à V18 antérieures à V18 Update 3 | ||
| Siemens | N/A | SCALANCE M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2) versions antérieures à V8.0 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1518T-4 PN/DP (6ES7518-4TP00-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SCALANCE M876-4 (6GK5876-4AA10-2BA2) toutes versions | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1517T-3 PN/DP (6ES7517-3TP00-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) toutes versions | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FL03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) versions antérieures à V7.2.2 | ||
| Siemens | N/A | SCALANCE S615 (6GK5615-0AA00-2AA2) versions antérieures à V7.2.2 | ||
| Siemens | N/A | SIPLUS LOGO! 24CE (6AG1052-1CC08-7BA1) toutes versions supérieures ou égales à V8.3 | ||
| Siemens | N/A | SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) toutes versions |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SIMATIC S7-1500 CPU 1517-3 PN/DP (6ES7517-3AP00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M876-3 (EVDO) (6GK5876-3AA02-2BA2) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC CP 1243-1 (incl. SIPLUS variants) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M876-3 (EVDO) (6GK5876-3AA02-2BA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1518-4 PN/DP (6ES7518-4AP00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TL03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Opcenter Quality toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC Drive Controller CPU 1504D TF (6ES7615-4DF10-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "LOGO! 24CE (6ED1052-1CC08-0BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M804PB (6GK5804-0AP00-2AA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-400 CPU 412-2 PN V7 (6ES7412-2EK07-0AB0) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M876-4 (6GK5876-4AA10-2BA2) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC PC-Station Plus toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "POWER METER SICAM Q100 (7KG9501-0AA01-2AA1) versions ant\u00e9rieures \u00e0 V2.60",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1517TF-3 PN/DP (6ES7517-3UP00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AL03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-400 CPU 416-3 PN/DP V7 (6AG1416-3ES07-7AB0) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "LOGO! 24CEo (6ED1052-2CC08-0BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINUMERIK MC toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS LOGO! 24RCEo (6AG1052-2HB08-7BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AN03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "LOGO! 230RCE (6ED1052-1FB08-0BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC CP 1543-1 (6GK7543-1AX00-0XE0) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINUMERIK ONE toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UL03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-1500 CPU 1518F-4 PN/DP (6AG1518-4FP00-4AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC Drive Controller CPU 1507D TF (6ES7615-7DF10-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M874-2 (6GK5874-2AA00-2AA2) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FP03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FM03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UN03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE S615 EEC (6GK5615-0AA01-2AA2) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINAMICS S120 (incl. SIPLUS variants) versions ant\u00e9rieures \u00e0 V5.2 SP3 HF15",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CL03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS LOGO! 12/24RCE (6AG1052-1MD08-7BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "LOGO! 24RCEo (6ED1052-2HB08-0BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "POWER METER SICAM Q100 (7KG9501-0AA31-2AA1) versions ant\u00e9rieures \u00e0 V2.60",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1510SP F-1 PN (6ES7510-1SK03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS NET CP 1543-1 (6AG1543-1AX00-2XE0) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINUMERIK Integrate RunMyHMI /Automotive toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-400 CPU 416-3 PN/DP V7 (6ES7416-3ES07-0AB0) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1510SP-1 PN (6ES7510-1DK03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M874-2 (6GK5874-2AA00-2AA2) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M876-4 (6GK5876-4AA10-2BA2) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1516T-3 PN/DP (6ES7516-3TN00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TN03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINAMICS S210 (6SL5...) versions sup\u00e9rieures ou \u00e9gales \u00e0V6.1 versions ant\u00e9rieures \u00e0 V6.1 HF2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1516TF-3 PN/DP (6ES7516-3UN00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1518TF-4 PN/DP (6ES7518-4UP00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1512SP F-1 PN (6ES7512-1SM03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1512SP-1 PN (6ES7512-1DM03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS LOGO! 24CEo (6AG1052-2CC08-7BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS LOGO! 230RCEo (6AG1052-2FB08-7BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC STEP 7 (TIA Portal) versions ant\u00e9rieures \u00e0 V19",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-PLCSIM Advanced versions ant\u00e9rieures \u00e0 V6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-400 CPU 414F-3 PN/DP V7 (6ES7414-3FM07-0AB0) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE S615 (6GK5615-0AA00-2AA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M874-3 (6GK5874-3AA00-2AA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE S615 EEC (6GK5615-0AA01-2AA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "LOGO! 230RCEo (6ED1052-2FB08-0BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS LOGO! 230RCE (6AG1052-1FB08-7BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M874-2 (6GK5874-2AA00-2AA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1514SPT F-2 PN (6ES7514-2WN03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1514SP F-2 PN (6ES7514-2SN03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FN03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M876-3 (EVDO) (6GK5876-3AA02-2BA2) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC PCS neo versions ant\u00e9rieures \u00e0 V4.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AP03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M804PB (6GK5804-0AP00-2AA2) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1514SP-2 PN (6ES7514-2DN03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINAMICS S210 (6SL5...) versions sup\u00e9rieures \u00e0 V6.1 et ant\u00e9rieure \u00e0 V6.1 HF2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS LOGO! 12/24RCEo (6AG1052-2MD08-7BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-400 CPU 414-3 PN/DP V7 (6AG1414-3EM07-7AB0) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1514SPT-2 PN (6ES7514-2VN03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE S615 EEC (6GK5615-0AA01-2AA2) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-1500 CPU 1518-4 PN/DP (6AG1518-4AP00-4AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M874-3 (6GK5874-3AA00-2AA2) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINEC INS versions ant\u00e9rieures \u00e0 V1.0 SP2 Update 2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "LOGO! 12/24RCE (6ED1052-1MD08-0BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M874-3 (6GK5874-3AA00-2AA2) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC CP 1243-7 LTE toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AM03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP01-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE S615 (6GK5615-0AA00-2AA2) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-400 CPU 414-3 PN/DP V7 (6ES7414-3EM07-0AB0) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "LOGO! 24RCE (6ED1052-1HB08-0BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M804PB (6GK5804-0AP00-2AA2) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CM03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "LOGO! 12/24RCEo (6ED1052-2MD08-0BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1518F-4 PN/DP (6ES7518-4FP00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS LOGO! 24RCE (6AG1052-1HB08-7BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-400 CPU 416F-3 PN/DP V7 (6ES7416-3FS07-0AB0) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Totally Integrated Automation Portal (TIA Portal) versions V14 \u00e0 V18 ant\u00e9rieures \u00e0 V18 Update 3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1518T-4 PN/DP (6ES7518-4TP00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M876-4 (6GK5876-4AA10-2BA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1517T-3 PN/DP (6ES7517-3TP00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FL03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE S615 (6GK5615-0AA00-2AA2) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS LOGO! 24CE (6AG1052-1CC08-7BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2016-5131",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5131"
},
{
"name": "CVE-2016-4658",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4658"
},
{
"name": "CVE-2017-7375",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7375"
},
{
"name": "CVE-2017-7376",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7376"
},
{
"name": "CVE-2017-0663",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0663"
},
{
"name": "CVE-2017-9047",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9047"
},
{
"name": "CVE-2017-9048",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9048"
},
{
"name": "CVE-2017-16931",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16931"
},
{
"name": "CVE-2017-9050",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9050"
},
{
"name": "CVE-2017-18258",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18258"
},
{
"name": "CVE-2017-9049",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9049"
},
{
"name": "CVE-2017-16932",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16932"
},
{
"name": "CVE-2016-9318",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9318"
},
{
"name": "CVE-2018-0495",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0495"
},
{
"name": "CVE-2019-6111",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6111"
},
{
"name": "CVE-2019-3855",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3855"
},
{
"name": "CVE-2019-3856",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3856"
},
{
"name": "CVE-2019-3863",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3863"
},
{
"name": "CVE-2019-3857",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3857"
},
{
"name": "CVE-2019-8457",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8457"
},
{
"name": "CVE-2019-5443",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-5443"
},
{
"name": "CVE-2019-6109",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6109"
},
{
"name": "CVE-2019-15903",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-15903"
},
{
"name": "CVE-2019-3859",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3859"
},
{
"name": "CVE-2019-3861",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3861"
},
{
"name": "CVE-2019-3860",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3860"
},
{
"name": "CVE-2019-3858",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3858"
},
{
"name": "CVE-2019-3862",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3862"
},
{
"name": "CVE-2019-13565",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13565"
},
{
"name": "CVE-2019-13057",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13057"
},
{
"name": "CVE-2019-9636",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9636"
},
{
"name": "CVE-2019-16168",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16168"
},
{
"name": "CVE-2019-19926",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19926"
},
{
"name": "CVE-2019-19925",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19925"
},
{
"name": "CVE-2019-19880",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19880"
},
{
"name": "CVE-2019-19923",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19923"
},
{
"name": "CVE-2019-5018",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-5018"
},
{
"name": "CVE-2019-9936",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9936"
},
{
"name": "CVE-2019-5482",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-5482"
},
{
"name": "CVE-2019-19646",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19646"
},
{
"name": "CVE-2020-7595",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7595"
},
{
"name": "CVE-2020-8169",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8169"
},
{
"name": "CVE-2020-11656",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11656"
},
{
"name": "CVE-2019-19906",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19906"
},
{
"name": "CVE-2020-14145",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14145"
},
{
"name": "CVE-2019-9937",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9937"
},
{
"name": "CVE-2019-12900",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12900"
},
{
"name": "CVE-2018-20843",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20843"
},
{
"name": "CVE-2020-13631",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13631"
},
{
"name": "CVE-2020-13435",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13435"
},
{
"name": "CVE-2020-13434",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13434"
},
{
"name": "CVE-2020-15358",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15358"
},
{
"name": "CVE-2020-13630",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13630"
},
{
"name": "CVE-2020-25709",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25709"
},
{
"name": "CVE-2021-3177",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3177"
},
{
"name": "CVE-2019-25013",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-25013"
},
{
"name": "CVE-2019-19956",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19956"
},
{
"name": "CVE-2020-28196",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28196"
},
{
"name": "CVE-2020-8285",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8285"
},
{
"name": "CVE-2020-8286",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8286"
},
{
"name": "CVE-2020-36221",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36221"
},
{
"name": "CVE-2020-36224",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36224"
},
{
"name": "CVE-2020-36222",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36222"
},
{
"name": "CVE-2020-36227",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36227"
},
{
"name": "CVE-2020-36225",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36225"
},
{
"name": "CVE-2020-36228",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36228"
},
{
"name": "CVE-2020-36223",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36223"
},
{
"name": "CVE-2020-36229",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36229"
},
{
"name": "CVE-2020-36226",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36226"
},
{
"name": "CVE-2020-36230",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36230"
},
{
"name": "CVE-2020-10531",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10531"
},
{
"name": "CVE-2021-28363",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28363"
},
{
"name": "CVE-2020-8284",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8284"
},
{
"name": "CVE-2020-10878",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10878"
},
{
"name": "CVE-2021-23336",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23336"
},
{
"name": "CVE-2021-22901",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22901"
},
{
"name": "CVE-2019-17543",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17543"
},
{
"name": "CVE-2021-3518",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3518"
},
{
"name": "CVE-2020-13632",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13632"
},
{
"name": "CVE-2020-11655",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11655"
},
{
"name": "CVE-2019-19645",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19645"
},
{
"name": "CVE-2019-20907",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20907"
},
{
"name": "CVE-2020-10543",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10543"
},
{
"name": "CVE-2020-12723",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12723"
},
{
"name": "CVE-2021-20305",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20305"
},
{
"name": "CVE-2019-20388",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20388"
},
{
"name": "CVE-2020-12243",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12243"
},
{
"name": "CVE-2020-29573",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29573"
},
{
"name": "CVE-2020-10029",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10029"
},
{
"name": "CVE-2019-5188",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-5188"
},
{
"name": "CVE-2019-5094",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-5094"
},
{
"name": "CVE-2020-8177",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8177"
},
{
"name": "CVE-2013-0340",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-0340"
},
{
"name": "CVE-2021-33910",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33910"
},
{
"name": "CVE-2021-27219",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27219"
},
{
"name": "CVE-2021-27218",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27218"
},
{
"name": "CVE-2019-18276",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18276"
},
{
"name": "CVE-2020-24977",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24977"
},
{
"name": "CVE-2021-3520",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3520"
},
{
"name": "CVE-2020-29362",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29362"
},
{
"name": "CVE-2019-9169",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9169"
},
{
"name": "CVE-2020-29363",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29363"
},
{
"name": "CVE-2021-3517",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3517"
},
{
"name": "CVE-2020-13776",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13776"
},
{
"name": "CVE-2020-26116",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26116"
},
{
"name": "CVE-2020-25692",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25692"
},
{
"name": "CVE-2016-10228",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10228"
},
{
"name": "CVE-2020-29361",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29361"
},
{
"name": "CVE-2021-3541",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3541"
},
{
"name": "CVE-2021-3326",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3326"
},
{
"name": "CVE-2020-8231",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8231"
},
{
"name": "CVE-2020-8492",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8492"
},
{
"name": "CVE-2021-3516",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3516"
},
{
"name": "CVE-2021-3537",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3537"
},
{
"name": "CVE-2020-8315",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8315"
},
{
"name": "CVE-2020-27618",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27618"
},
{
"name": "CVE-2021-22926",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22926"
},
{
"name": "CVE-2021-20227",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20227"
},
{
"name": "CVE-2021-36222",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36222"
},
{
"name": "CVE-2021-22947",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22947"
},
{
"name": "CVE-2021-22945",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22945"
},
{
"name": "CVE-2021-22946",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22946"
},
{
"name": "CVE-2020-13871",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13871"
},
{
"name": "CVE-2021-3737",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3737"
},
{
"name": "CVE-2021-3733",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3733"
},
{
"name": "CVE-2022-45061",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45061"
},
{
"name": "CVE-2022-40674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40674"
},
{
"name": "CVE-2022-37434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37434"
},
{
"name": "CVE-2022-43680",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43680"
},
{
"name": "CVE-2022-29824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29824"
},
{
"name": "CVE-2022-23308",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23308"
},
{
"name": "CVE-2022-35737",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35737"
},
{
"name": "CVE-2022-40303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40303"
},
{
"name": "CVE-2022-40304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40304"
},
{
"name": "CVE-2019-9948",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9948"
},
{
"name": "CVE-2022-42898",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42898"
},
{
"name": "CVE-2019-6110",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6110"
},
{
"name": "CVE-2022-32205",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32205"
},
{
"name": "CVE-2019-16905",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16905"
},
{
"name": "CVE-2022-32206",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32206"
},
{
"name": "CVE-2018-25032",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-25032"
},
{
"name": "CVE-2022-46143",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46143"
},
{
"name": "CVE-2022-23990",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23990"
},
{
"name": "CVE-2021-45960",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45960"
},
{
"name": "CVE-2022-22827",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22827"
},
{
"name": "CVE-2022-22825",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22825"
},
{
"name": "CVE-2022-22822",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22822"
},
{
"name": "CVE-2022-22824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22824"
},
{
"name": "CVE-2021-46143",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46143"
},
{
"name": "CVE-2022-22826",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22826"
},
{
"name": "CVE-2022-23852",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23852"
},
{
"name": "CVE-2022-22823",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22823"
},
{
"name": "CVE-2019-5436",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-5436"
},
{
"name": "CVE-2022-25313",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25313"
},
{
"name": "CVE-2022-25236",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25236"
},
{
"name": "CVE-2022-25315",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25315"
},
{
"name": "CVE-2022-25235",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25235"
},
{
"name": "CVE-2019-19603",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19603"
},
{
"name": "CVE-2021-22890",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22890"
},
{
"name": "CVE-2021-22876",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22876"
},
{
"name": "CVE-2019-19317",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19317"
},
{
"name": "CVE-2019-19924",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19924"
},
{
"name": "CVE-2021-22924",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22924"
},
{
"name": "CVE-2021-22897",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22897"
},
{
"name": "CVE-2020-9327",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9327"
},
{
"name": "CVE-2021-22925",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22925"
},
{
"name": "CVE-2021-22923",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22923"
},
{
"name": "CVE-2019-19242",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19242"
},
{
"name": "CVE-2021-22898",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22898"
},
{
"name": "CVE-2021-22922",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22922"
},
{
"name": "CVE-2019-19244",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19244"
},
{
"name": "CVE-2021-41617",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41617"
},
{
"name": "CVE-2022-0391",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0391"
},
{
"name": "CVE-2022-0778",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0778"
},
{
"name": "CVE-2018-14404",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14404"
},
{
"name": "CVE-2019-9947",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9947"
},
{
"name": "CVE-2019-9740",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9740"
},
{
"name": "CVE-2019-10160",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10160"
},
{
"name": "CVE-2019-16056",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16056"
},
{
"name": "CVE-2020-12762",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12762"
},
{
"name": "CVE-2019-17594",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17594"
},
{
"name": "CVE-2019-17595",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17595"
},
{
"name": "CVE-2021-20231",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20231"
},
{
"name": "CVE-2021-36085",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36085"
},
{
"name": "CVE-2021-36084",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36084"
},
{
"name": "CVE-2021-20232",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20232"
},
{
"name": "CVE-2021-36086",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36086"
},
{
"name": "CVE-2021-3580",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3580"
},
{
"name": "CVE-2021-36087",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36087"
},
{
"name": "CVE-2021-33560",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33560"
},
{
"name": "CVE-2021-28153",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28153"
},
{
"name": "CVE-2022-1434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1434"
},
{
"name": "CVE-2022-1292",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
},
{
"name": "CVE-2022-1343",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1343"
},
{
"name": "CVE-2022-1473",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1473"
},
{
"name": "CVE-2022-29155",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29155"
},
{
"name": "CVE-2022-25314",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25314"
},
{
"name": "CVE-2021-4122",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4122"
},
{
"name": "CVE-2022-27774",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27774"
},
{
"name": "CVE-2022-27775",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27775"
},
{
"name": "CVE-2022-22576",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22576"
},
{
"name": "CVE-2022-27776",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27776"
},
{
"name": "CVE-2022-2068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
},
{
"name": "CVE-2022-2274",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2274"
},
{
"name": "CVE-2022-2097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
},
{
"name": "CVE-2020-25710",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25710"
},
{
"name": "CVE-2022-24407",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24407"
},
{
"name": "CVE-2018-14567",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14567"
},
{
"name": "CVE-2021-33574",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33574"
},
{
"name": "CVE-2021-36690",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36690"
},
{
"name": "CVE-2021-37750",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37750"
},
{
"name": "CVE-2022-27778",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27778"
},
{
"name": "CVE-2021-3999",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3999"
},
{
"name": "CVE-2022-23218",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23218"
},
{
"name": "CVE-2022-23219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23219"
},
{
"name": "CVE-2022-27782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
},
{
"name": "CVE-2022-26488",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26488"
},
{
"name": "CVE-2022-32208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32208"
},
{
"name": "CVE-2022-27781",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27781"
},
{
"name": "CVE-2022-32207",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32207"
},
{
"name": "CVE-2022-1271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1271"
},
{
"name": "CVE-2019-18348",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18348"
},
{
"name": "CVE-2020-15523",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15523"
},
{
"name": "CVE-2021-4189",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4189"
},
{
"name": "CVE-2022-37454",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37454"
},
{
"name": "CVE-2020-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10735"
},
{
"name": "CVE-2022-32221",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32221"
},
{
"name": "CVE-2020-15778",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15778"
},
{
"name": "CVE-2022-42916",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42916"
},
{
"name": "CVE-2022-35260",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35260"
},
{
"name": "CVE-2022-35252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35252"
},
{
"name": "CVE-2022-42915",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42915"
},
{
"name": "CVE-2022-43551",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43551"
},
{
"name": "CVE-2022-43552",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43552"
},
{
"name": "CVE-2023-25136",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25136"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2015-20107",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-20107"
},
{
"name": "CVE-2022-45873",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45873"
},
{
"name": "CVE-2022-3821",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3821"
},
{
"name": "CVE-2023-23915",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23915"
},
{
"name": "CVE-2023-23914",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23914"
},
{
"name": "CVE-2023-23916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23916"
},
{
"name": "CVE-2018-12886",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12886"
},
{
"name": "CVE-2022-1304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1304"
},
{
"name": "CVE-2023-24329",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24329"
},
{
"name": "CVE-2023-0464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
},
{
"name": "CVE-2023-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
},
{
"name": "CVE-2023-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
},
{
"name": "CVE-2021-46828",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46828"
},
{
"name": "CVE-2023-1077",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1077"
},
{
"name": "CVE-2023-29469",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29469"
},
{
"name": "CVE-2023-28484",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28484"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2023-27535",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27535"
},
{
"name": "CVE-2022-27779",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27779"
},
{
"name": "CVE-2023-27533",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27533"
},
{
"name": "CVE-2023-27538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27538"
},
{
"name": "CVE-2023-27534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27534"
},
{
"name": "CVE-2023-27536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27536"
},
{
"name": "CVE-2022-27780",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27780"
},
{
"name": "CVE-2022-30115",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30115"
},
{
"name": "CVE-2023-27537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27537"
},
{
"name": "CVE-2020-1752",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1752"
},
{
"name": "CVE-2021-35942",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35942"
},
{
"name": "CVE-2021-38604",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38604"
},
{
"name": "CVE-2023-31238",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31238"
},
{
"name": "CVE-2020-29562",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29562"
},
{
"name": "CVE-2021-27645",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27645"
},
{
"name": "CVE-2023-30901",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30901"
},
{
"name": "CVE-2021-3998",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3998"
},
{
"name": "CVE-2019-20218",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20218"
},
{
"name": "CVE-2020-35527",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35527"
},
{
"name": "CVE-2016-3189",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3189"
},
{
"name": "CVE-2019-19959",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19959"
},
{
"name": "CVE-2020-35525",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35525"
},
{
"name": "CVE-2022-46908",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46908"
},
{
"name": "CVE-2021-31239",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31239"
},
{
"name": "CVE-2016-3709",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3709"
},
{
"name": "CVE-2021-28861",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28861"
},
{
"name": "CVE-2023-3212",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3212"
},
{
"name": "CVE-2023-0361",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0361"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2023-38408",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38408"
},
{
"name": "CVE-2023-35001",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35001"
},
{
"name": "CVE-2023-2953",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2953"
},
{
"name": "CVE-2023-3817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
},
{
"name": "CVE-2023-3611",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3611"
},
{
"name": "CVE-2023-3609",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3609"
},
{
"name": "CVE-2023-34319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34319"
},
{
"name": "CVE-2023-1206",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1206"
},
{
"name": "CVE-2023-40283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40283"
},
{
"name": "CVE-2023-28831",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28831"
},
{
"name": "CVE-2023-3772",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3772"
},
{
"name": "CVE-2023-4911",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4911"
},
{
"name": "CVE-2023-4623",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4623"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2023-4921",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4921"
},
{
"name": "CVE-2023-39192",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39192"
},
{
"name": "CVE-2023-39193",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39193"
},
{
"name": "CVE-2023-42754",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42754"
},
{
"name": "CVE-2023-39194",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39194"
},
{
"name": "CVE-2023-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
},
{
"name": "CVE-2023-38545",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38545"
},
{
"name": "CVE-2023-42755",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42755"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2023-45853",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45853"
},
{
"name": "CVE-2023-31085",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31085"
},
{
"name": "CVE-2023-39189",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39189"
},
{
"name": "CVE-2023-5678",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
},
{
"name": "CVE-2023-44321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44321"
},
{
"name": "CVE-2023-44374",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44374"
},
{
"name": "CVE-2023-44320",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44320"
},
{
"name": "CVE-2023-44319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44319"
},
{
"name": "CVE-2023-44317",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44317"
},
{
"name": "CVE-2023-44318",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44318"
},
{
"name": "CVE-2023-44373",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44373"
},
{
"name": "CVE-2023-44322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44322"
},
{
"name": "CVE-2020-22218",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-22218"
},
{
"name": "CVE-2023-4527",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4527"
},
{
"name": "CVE-2023-4813",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4813"
},
{
"name": "CVE-2023-4806",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4806"
},
{
"name": "CVE-2022-48303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48303"
},
{
"name": "CVE-2021-3426",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3426"
},
{
"name": "CVE-2023-5717",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5717"
},
{
"name": "CVE-2023-45871",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45871"
},
{
"name": "CVE-2020-19186",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-19186"
},
{
"name": "CVE-2020-19190",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-19190"
},
{
"name": "CVE-2020-19185",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-19185"
},
{
"name": "CVE-2020-19189",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-19189"
},
{
"name": "CVE-2020-19187",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-19187"
},
{
"name": "CVE-2020-19188",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-19188"
},
{
"name": "CVE-2020-19909",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-19909"
},
{
"name": "CVE-2019-11360",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11360"
},
{
"name": "CVE-2019-13627",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13627"
},
{
"name": "CVE-2019-7309",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-7309"
},
{
"name": "CVE-2022-0563",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0563"
},
{
"name": "CVE-2019-1010024",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1010024"
},
{
"name": "CVE-2022-47375",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-47375"
},
{
"name": "CVE-2019-19126",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19126"
},
{
"name": "CVE-2023-46283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46283"
},
{
"name": "CVE-2023-46282",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46282"
},
{
"name": "CVE-2023-32643",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32643"
},
{
"name": "CVE-2014-7209",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-7209"
},
{
"name": "CVE-2023-48431",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48431"
},
{
"name": "CVE-2023-4039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4039"
},
{
"name": "CVE-2017-17512",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17512"
},
{
"name": "CVE-2020-1712",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1712"
},
{
"name": "CVE-2023-48430",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48430"
},
{
"name": "CVE-2019-6488",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6488"
},
{
"name": "CVE-2023-39128",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39128"
},
{
"name": "CVE-2018-20482",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20482"
},
{
"name": "CVE-2021-27212",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27212"
},
{
"name": "CVE-2019-5481",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-5481"
},
{
"name": "CVE-2021-43396",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43396"
},
{
"name": "CVE-2022-2509",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2509"
},
{
"name": "CVE-2022-3715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3715"
},
{
"name": "CVE-2023-0687",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0687"
},
{
"name": "CVE-2019-20795",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20795"
},
{
"name": "CVE-2023-5156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5156"
},
{
"name": "CVE-2019-9674",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9674"
},
{
"name": "CVE-2022-48522",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48522"
},
{
"name": "CVE-2020-21913",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-21913"
},
{
"name": "CVE-2019-12904",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12904"
},
{
"name": "CVE-2021-28041",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28041"
},
{
"name": "CVE-2022-42784",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42784"
},
{
"name": "CVE-2023-48427",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48427"
},
{
"name": "CVE-2020-24659",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24659"
},
{
"name": "CVE-2023-48429",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48429"
},
{
"name": "CVE-2020-12062",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12062"
},
{
"name": "CVE-2019-1010023",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1010023"
},
{
"name": "CVE-2023-49692",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49692"
},
{
"name": "CVE-2016-10739",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10739"
},
{
"name": "CVE-2019-1010180",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1010180"
},
{
"name": "CVE-2023-46285",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46285"
},
{
"name": "CVE-2023-46156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46156"
},
{
"name": "CVE-2019-5435",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-5435"
},
{
"name": "CVE-2019-15847",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-15847"
},
{
"name": "CVE-2023-29491",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29491"
},
{
"name": "CVE-2019-20367",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20367"
},
{
"name": "CVE-2023-46284",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46284"
},
{
"name": "CVE-2023-35945",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35945"
},
{
"name": "CVE-2023-32665",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32665"
},
{
"name": "CVE-2023-39615",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39615"
},
{
"name": "CVE-2021-37600",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37600"
},
{
"name": "CVE-2021-46848",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46848"
},
{
"name": "CVE-2021-3997",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3997"
},
{
"name": "CVE-2021-3826",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3826"
},
{
"name": "CVE-2023-26604",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26604"
},
{
"name": "CVE-2019-1010022",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1010022"
},
{
"name": "CVE-2020-6096",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6096"
},
{
"name": "CVE-2021-33294",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33294"
},
{
"name": "CVE-2021-43618",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43618"
},
{
"name": "CVE-2023-48428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48428"
},
{
"name": "CVE-2023-45322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45322"
},
{
"name": "CVE-2019-17498",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17498"
},
{
"name": "CVE-2023-49691",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49691"
},
{
"name": "CVE-2023-25139",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25139"
},
{
"name": "CVE-2023-29499",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29499"
},
{
"name": "CVE-2020-1751",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1751"
},
{
"name": "CVE-2019-1010025",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1010025"
},
{
"name": "CVE-2019-12290",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12290"
},
{
"name": "CVE-2019-18224",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18224"
},
{
"name": "CVE-2018-18928",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18928"
},
{
"name": "CVE-2022-27943",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27943"
},
{
"name": "CVE-2022-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28321"
},
{
"name": "CVE-2021-32292",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32292"
},
{
"name": "CVE-2020-21047",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-21047"
},
{
"name": "CVE-2021-46195",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46195"
},
{
"name": "CVE-2023-38380",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38380"
},
{
"name": "CVE-2023-28531",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28531"
},
{
"name": "CVE-2020-11501",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11501"
},
{
"name": "CVE-2023-4016",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4016"
},
{
"name": "CVE-2022-47374",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-47374"
},
{
"name": "CVE-2023-46281",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46281"
},
{
"name": "CVE-2013-4235",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4235"
},
{
"name": "CVE-2020-15801",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15801"
},
{
"name": "CVE-2022-46141",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46141"
},
{
"name": "CVE-2023-34969",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34969"
},
{
"name": "CVE-2020-13529",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13529"
},
{
"name": "CVE-2023-27371",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27371"
},
{
"name": "CVE-2023-32611",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32611"
},
{
"name": "CVE-2021-20193",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20193"
},
{
"name": "CVE-2023-29383",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29383"
},
{
"name": "CVE-2019-9923",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9923"
},
{
"name": "CVE-2020-13777",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13777"
},
{
"name": "CVE-2023-5981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5981"
},
{
"name": "CVE-2020-14422",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14422"
},
{
"name": "CVE-2023-32636",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32636"
},
{
"name": "CVE-2021-4209",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4209"
},
{
"name": "CVE-2018-19591",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19591"
},
{
"name": "CVE-2022-48560",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48560"
}
],
"initial_release_date": "2023-12-12T00:00:00",
"last_revision_date": "2023-12-12T00:00:00",
"links": [],
"reference": "CERTFR-2023-AVI-1015",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-12-12T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
},
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eles produits Siemens\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, un d\u00e9ni de service \u00e0 distance et une \u00e9l\u00e9vation de\nprivil\u00e8ges.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-844582 du 12 d\u00e9cembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-180704.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-180704 du 12 d\u00e9cembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-480095.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-077170 du 12 d\u00e9cembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-999588.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-480095 du 12 d\u00e9cembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-068047.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-118850 du 12 d\u00e9cembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-118850.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-068047 du 12 d\u00e9cembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-077170.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-892915 du 12 d\u00e9cembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-280603.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-999588 du 12 d\u00e9cembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-398330.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-280603 du 12 d\u00e9cembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-693975.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-693975 du 12 d\u00e9cembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-892915.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-887801 du 12 d\u00e9cembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-887801.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-592380 du 12 d\u00e9cembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-844582.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-398330 du 12 d\u00e9cembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-592380.html"
}
]
}
CERTFR-2022-AVI-619
Vulnerability from certfr_avis - Published: 2022-07-08 - Updated: 2022-07-08
De multiples vulnérabilités ont été découvertes dans IBM QRadar. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à l'intégrité des données et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM QRadar Network Security 5.4.x versions ant\u00e9rieures \u00e0 5.4.0.16",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM QRadar Network Security 5.5.x versions ant\u00e9rieures \u00e0 5.5.0.11",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-25710",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25710"
},
{
"name": "CVE-2022-24407",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24407"
},
{
"name": "CVE-2022-0778",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0778"
},
{
"name": "CVE-2020-25709",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25709"
},
{
"name": "CVE-2021-41617",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41617"
}
],
"initial_release_date": "2022-07-08T00:00:00",
"last_revision_date": "2022-07-08T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-619",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-07-08T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans IBM QRadar.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni\nde service \u00e0 distance, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es et une\natteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans IBM QRadar",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6601945 du 07 juillet 2022",
"url": "https://www.ibm.com/support/pages/node/6601945"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6601933 du 07 juillet 2022",
"url": "https://www.ibm.com/support/pages/node/6601933"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6601937 du 07 juillet 2022",
"url": "https://www.ibm.com/support/pages/node/6601937"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6601951 du 07 juillet 2022",
"url": "https://www.ibm.com/support/pages/node/6601951"
}
]
}
CERTFR-2025-AVI-0492
Vulnerability from certfr_avis - Published: 2025-06-11 - Updated: 2025-06-11
De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Siemens | SCALANCE | SCALANCE XR322-12 (6GK5334-3TS00-4AR3) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XR302-32 (6GK5334-5TS00-3AR3) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XC424-4 (6GK5428-4TR00-2AC2) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XR326-8 (6GK5334-2TS00-3AR3) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XR526-8 (6GK5534-2TR00-3AR3) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XR522-12 (6GK5534-3TR00-3AR3) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XR522-12 (6GK5534-3TR00-4AR3) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XC432 (6GK5432-0GR00-2AC2) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XR502-32 (6GK5534-5TR00-3AR3) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XCH328 (6GK5328-4TS01-2EC2) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XCM324 (6GK5324-8TS01-2AC2) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XR526-8 (6GK5534-2TR00-4AR3) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XC324-4 (6GK5328-4TS00-2AC2) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XR326-8 (6GK5334-2TS00-3AR3) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XR302-32 (6GK5334-5TS00-2AR3) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XC424-4 (6GK5428-4TR00-2AC2) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XR522-12 (6GK5534-3TR00-4AR3) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XCH328 (6GK5328-4TS01-2EC2) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XC316-8 (6GK5324-8TS00-2AC2) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XR302-32 (6GK5334-5TS00-3AR3) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XR326-8 (6GK5334-2TS00-4AR3) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XR502-32 (6GK5534-5TR00-2AR3) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XR526-8 (6GK5534-2TR00-4AR3) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XC316-8 (6GK5324-8TS00-2AC2) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XR526-8 (6GK5534-2TR00-2AR3) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XCM328 (6GK5328-4TS01-2AC2) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XC432 (6GK5432-0GR00-2AC2) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XC324-4 (6GK5328-4TS00-2AC2) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XR302-32 (6GK5334-5TS00-4AR3) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XR302-32 (6GK5334-5TS00-2AR3) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XC332 (6GK5332-0GA00-2AC2) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XR322-12 (6GK5334-3TS00-2AR3) versions antérieures à V3.1 | ||
| Siemens | SIMATIC | SIMATIC S7-1500 versions supérieures ou égales àV3.1.5 pour les vulnérabilités CVE-2021-41617, CVE-2023-4527, CVE-2023-4806, CVE-2023-4911, CVE-2023-5363, CVE-2023-6246, CVE-2023-6779, CVE-2023-6780, CVE-2023-28531, CVE-2023-38545, CVE-2023-38546, CVE-2023-44487, CVE-2023-46218, CVE-2023-46219, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2023-52927, CVE-2024-2961, CVE-2024-6119, CVE-2024-6387, CVE-2024-12133, CVE-2024-12243, CVE-2024-24855, CVE-2024-26596, CVE-2024-28085, CVE-2024-33599, CVE-2024-33600, CVE-2024-33601, CVE-2024-33602, CVE-2024-34397, CVE-2024-37370, CVE-2024-37371, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50246, CVE-2024-53166, CVE-2024-57977, CVE-2024-57996, CVE-2024-58005, CVE-2025-4373, CVE-2025-4598, CVE-2025-21701, CVE-2025-21702, CVE-2025-21712, CVE-2025-21724, CVE-2025-21728, CVE-2025-21745, CVE-2025-21756, CVE-2025-21758, CVE-2025-21765, CVE-2025-21766, CVE-2025-21767, CVE-2025-21795, CVE-2025-21796, CVE-2025-21848, CVE-2025-21862, CVE-2025-21864, CVE-2025-21865, CVE-2025-26465, CVE-2025-31115 et CVE-2025-46836. | ||
| Siemens | SCALANCE | SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XR502-32 (6GK5534-5TR00-4AR3) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XR326-8 (6GK5334-2TS00-4AR3) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XCM328 (6GK5328-4TS01-2AC2) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XR302-32 (6GK5334-5TS00-4AR3) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XC416-8 (6GK5424-8TR00-2AC2) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XR322-12 (6GK5334-3TS00-2AR3) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XCM332 (6GK5332-0GA01-2AC2) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XR522-12 (6GK5534-3TR00-3AR3) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XR322-12 (6GK5334-3TS00-3AR3) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XR526-8 (6GK5534-2TR00-3AR3) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XR526-8 (6GK5534-2TR00-2AR3) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XR522-12 (6GK5534-3TR00-2AR3) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XR326-8 (6GK5334-2TS00-2AR3) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XCM332 (6GK5332-0GA01-2AC2) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XR502-32 (6GK5534-5TR00-2AR3) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XR502-32 (6GK5534-5TR00-4AR3) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XC416-8 (6GK5424-8TR00-2AC2) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XR522-12 (6GK5534-3TR00-2AR3) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XR322-12 (6GK5334-3TS00-4AR3) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XR322-12 (6GK5334-3TS00-3AR3) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XR326-8 (6GK5334-2TS00-2AR3) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XCM324 (6GK5324-8TS01-2AC2) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XR502-32 (6GK5534-5TR00-3AR3) versions antérieures à V3.1 | ||
| Siemens | SCALANCE | SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3) versions antérieures à V3.2 | ||
| Siemens | SCALANCE | SCALANCE XC332 (6GK5332-0GA00-2AC2) versions antérieures à V3.2 |
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SCALANCE XR322-12 (6GK5334-3TS00-4AR3) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR302-32 (6GK5334-5TS00-3AR3) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC424-4 (6GK5428-4TR00-2AC2) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR326-8 (6GK5334-2TS00-3AR3) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR526-8 (6GK5534-2TR00-3AR3) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR522-12 (6GK5534-3TR00-3AR3) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR522-12 (6GK5534-3TR00-4AR3) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC432 (6GK5432-0GR00-2AC2) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR502-32 (6GK5534-5TR00-3AR3) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XCH328 (6GK5328-4TS01-2EC2) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XCM324 (6GK5324-8TS01-2AC2) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR526-8 (6GK5534-2TR00-4AR3) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC324-4 (6GK5328-4TS00-2AC2) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR326-8 (6GK5334-2TS00-3AR3) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR302-32 (6GK5334-5TS00-2AR3) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC424-4 (6GK5428-4TR00-2AC2) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR522-12 (6GK5534-3TR00-4AR3) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XCH328 (6GK5328-4TS01-2EC2) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC316-8 (6GK5324-8TS00-2AC2) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR302-32 (6GK5334-5TS00-3AR3) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR326-8 (6GK5334-2TS00-4AR3) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR502-32 (6GK5534-5TR00-2AR3) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR526-8 (6GK5534-2TR00-4AR3) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC316-8 (6GK5324-8TS00-2AC2) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR526-8 (6GK5534-2TR00-2AR3) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XCM328 (6GK5328-4TS01-2AC2) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC432 (6GK5432-0GR00-2AC2) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC324-4 (6GK5328-4TS00-2AC2) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR302-32 (6GK5334-5TS00-4AR3) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR302-32 (6GK5334-5TS00-2AR3) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC332 (6GK5332-0GA00-2AC2) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR322-12 (6GK5334-3TS00-2AR3) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 versions sup\u00e9rieures ou \u00e9gales \u00e0V3.1.5 pour les vuln\u00e9rabilit\u00e9s CVE-2021-41617, CVE-2023-4527, CVE-2023-4806, CVE-2023-4911, CVE-2023-5363, CVE-2023-6246, CVE-2023-6779, CVE-2023-6780, CVE-2023-28531, CVE-2023-38545, CVE-2023-38546, CVE-2023-44487, CVE-2023-46218, CVE-2023-46219, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2023-52927, CVE-2024-2961, CVE-2024-6119, CVE-2024-6387, CVE-2024-12133, CVE-2024-12243, CVE-2024-24855, CVE-2024-26596, CVE-2024-28085, CVE-2024-33599, CVE-2024-33600, CVE-2024-33601, CVE-2024-33602, CVE-2024-34397, CVE-2024-37370, CVE-2024-37371, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50246, CVE-2024-53166, CVE-2024-57977, CVE-2024-57996, CVE-2024-58005, CVE-2025-4373, CVE-2025-4598, CVE-2025-21701, CVE-2025-21702, CVE-2025-21712, CVE-2025-21724, CVE-2025-21728, CVE-2025-21745, CVE-2025-21756, CVE-2025-21758, CVE-2025-21765, CVE-2025-21766, CVE-2025-21767, CVE-2025-21795, CVE-2025-21796, CVE-2025-21848, CVE-2025-21862, CVE-2025-21864, CVE-2025-21865, CVE-2025-26465, CVE-2025-31115 et CVE-2025-46836.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR502-32 (6GK5534-5TR00-4AR3) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR326-8 (6GK5334-2TS00-4AR3) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XCM328 (6GK5328-4TS01-2AC2) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR302-32 (6GK5334-5TS00-4AR3) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC416-8 (6GK5424-8TR00-2AC2) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR322-12 (6GK5334-3TS00-2AR3) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XCM332 (6GK5332-0GA01-2AC2) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR522-12 (6GK5534-3TR00-3AR3) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR322-12 (6GK5334-3TS00-3AR3) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR526-8 (6GK5534-2TR00-3AR3) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR526-8 (6GK5534-2TR00-2AR3) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR522-12 (6GK5534-3TR00-2AR3) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR326-8 (6GK5334-2TS00-2AR3) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XCM332 (6GK5332-0GA01-2AC2) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR502-32 (6GK5534-5TR00-2AR3) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR502-32 (6GK5534-5TR00-4AR3) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC416-8 (6GK5424-8TR00-2AC2) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR522-12 (6GK5534-3TR00-2AR3) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR322-12 (6GK5334-3TS00-4AR3) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR322-12 (6GK5334-3TS00-3AR3) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR326-8 (6GK5334-2TS00-2AR3) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XCM324 (6GK5324-8TS01-2AC2) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR502-32 (6GK5534-5TR00-3AR3) versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XC332 (6GK5332-0GA00-2AC2) versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "SCALANCE",
"vendor": {
"name": "Siemens",
"scada": true
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-37370",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37370"
},
{
"name": "CVE-2024-41797",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41797"
},
{
"name": "CVE-2025-26465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26465"
},
{
"name": "CVE-2025-31115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31115"
},
{
"name": "CVE-2023-46218",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
},
{
"name": "CVE-2023-28531",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28531"
},
{
"name": "CVE-2023-6780",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6780"
},
{
"name": "CVE-2023-51385",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51385"
},
{
"name": "CVE-2023-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
},
{
"name": "CVE-2024-33602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33602"
},
{
"name": "CVE-2025-40568",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40568"
},
{
"name": "CVE-2025-21796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21796"
},
{
"name": "CVE-2023-52927",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52927"
},
{
"name": "CVE-2025-21864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21864"
},
{
"name": "CVE-2024-45492",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45492"
},
{
"name": "CVE-2024-24855",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24855"
},
{
"name": "CVE-2025-40569",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40569"
},
{
"name": "CVE-2024-58005",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58005"
},
{
"name": "CVE-2025-21712",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21712"
},
{
"name": "CVE-2025-4373",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4373"
},
{
"name": "CVE-2025-4598",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4598"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2023-6779",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6779"
},
{
"name": "CVE-2023-5363",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
},
{
"name": "CVE-2024-33600",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33600"
},
{
"name": "CVE-2025-21728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21728"
},
{
"name": "CVE-2025-21767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21767"
},
{
"name": "CVE-2024-33599",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33599"
},
{
"name": "CVE-2024-57996",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57996"
},
{
"name": "CVE-2023-46219",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46219"
},
{
"name": "CVE-2025-21766",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21766"
},
{
"name": "CVE-2024-45490",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45490"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2024-45491",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45491"
},
{
"name": "CVE-2025-21745",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21745"
},
{
"name": "CVE-2025-21795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21795"
},
{
"name": "CVE-2025-21758",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21758"
},
{
"name": "CVE-2024-26596",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26596"
},
{
"name": "CVE-2023-4527",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4527"
},
{
"name": "CVE-2025-21848",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21848"
},
{
"name": "CVE-2024-53166",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53166"
},
{
"name": "CVE-2025-46836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46836"
},
{
"name": "CVE-2025-21862",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21862"
},
{
"name": "CVE-2025-40567",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40567"
},
{
"name": "CVE-2024-33601",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33601"
},
{
"name": "CVE-2024-28085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28085"
},
{
"name": "CVE-2024-57977",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57977"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2025-21765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21765"
},
{
"name": "CVE-2023-4806",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4806"
},
{
"name": "CVE-2025-21702",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21702"
},
{
"name": "CVE-2025-21865",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21865"
},
{
"name": "CVE-2025-21724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21724"
},
{
"name": "CVE-2025-21701",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21701"
},
{
"name": "CVE-2024-12243",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12243"
},
{
"name": "CVE-2023-4911",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4911"
},
{
"name": "CVE-2024-6387",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6387"
},
{
"name": "CVE-2023-51384",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51384"
},
{
"name": "CVE-2021-41617",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41617"
},
{
"name": "CVE-2024-50246",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50246"
},
{
"name": "CVE-2024-34397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34397"
},
{
"name": "CVE-2023-6246",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6246"
},
{
"name": "CVE-2024-2961",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2961"
},
{
"name": "CVE-2024-12133",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12133"
},
{
"name": "CVE-2025-21756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21756"
},
{
"name": "CVE-2024-37371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37371"
},
{
"name": "CVE-2023-38545",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38545"
}
],
"initial_release_date": "2025-06-11T00:00:00",
"last_revision_date": "2025-06-11T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0492",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-06-11T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
},
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Siemens. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
"vendor_advisories": [
{
"published_at": "2025-06-10",
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-082556",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-082556.html"
},
{
"published_at": "2025-06-10",
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-633269",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-633269.html"
},
{
"published_at": "2025-06-10",
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-693776",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-693776.html"
}
]
}
CERTFR-2024-AVI-1018
Vulnerability from certfr_avis - Published: 2024-11-25 - Updated: 2024-11-25
De multiples vulnérabilités ont été découvertes dans les produits Qnap. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Qnap | N/A | Photo Station versions 6.4.x antérieures à 6.4.3 | ||
| Qnap | QuRouter | QuRouter versions 2.4.x antérieures à 2.4.4.106 | ||
| Qnap | QuLog Center | QuLog Center versions 1.8.x antérieures à 1.8.0.888 | ||
| Qnap | QuRouter | QuRouter versions 2.4.x antérieures à 2.4.3.103 | ||
| Qnap | QuTS hero | QuTS hero versions h5.2.x antérieures à h5.2.1.2929 build 20241025 | ||
| Qnap | N/A | Notes Station 3 versions 3.9.x antérieures à 3.9.7 | ||
| Qnap | QuTS hero | QuTS hero versions h5.1.x antérieures à h5.1.8.2823 build 20240712 | ||
| Qnap | QTS | QTS versions 5.1.x antérieures à 5.1.8.2823 build 20240712 | ||
| Qnap | N/A | Media Streaming add-on versions 500.1.x antérieures à 500.1.1.6 | ||
| Qnap | QTS | QTS versions 5.2.x antérieures à 5.2.1.2930 build 20241025 | ||
| Qnap | N/A | QNAP AI Core versions 3.4.x antérieures à 3.4.1 | ||
| Qnap | QuLog Center | QuLog Center versions 1.7.x antérieures à 1.7.0.831 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Photo Station versions 6.4.x ant\u00e9rieures \u00e0 6.4.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Qnap",
"scada": false
}
}
},
{
"description": "QuRouter versions 2.4.x ant\u00e9rieures \u00e0 2.4.4.106",
"product": {
"name": "QuRouter",
"vendor": {
"name": "Qnap",
"scada": false
}
}
},
{
"description": "QuLog Center versions 1.8.x ant\u00e9rieures \u00e0 1.8.0.888",
"product": {
"name": "QuLog Center",
"vendor": {
"name": "Qnap",
"scada": false
}
}
},
{
"description": "QuRouter versions 2.4.x ant\u00e9rieures \u00e0 2.4.3.103",
"product": {
"name": "QuRouter",
"vendor": {
"name": "Qnap",
"scada": false
}
}
},
{
"description": "QuTS hero versions h5.2.x ant\u00e9rieures \u00e0 h5.2.1.2929 build 20241025",
"product": {
"name": "QuTS hero",
"vendor": {
"name": "Qnap",
"scada": false
}
}
},
{
"description": "Notes Station 3 versions 3.9.x ant\u00e9rieures \u00e0 3.9.7",
"product": {
"name": "N/A",
"vendor": {
"name": "Qnap",
"scada": false
}
}
},
{
"description": "QuTS hero versions h5.1.x ant\u00e9rieures \u00e0 h5.1.8.2823 build 20240712",
"product": {
"name": "QuTS hero",
"vendor": {
"name": "Qnap",
"scada": false
}
}
},
{
"description": "QTS versions 5.1.x ant\u00e9rieures \u00e0 5.1.8.2823 build 20240712",
"product": {
"name": "QTS",
"vendor": {
"name": "Qnap",
"scada": false
}
}
},
{
"description": "Media Streaming add-on versions 500.1.x ant\u00e9rieures \u00e0 500.1.1.6",
"product": {
"name": "N/A",
"vendor": {
"name": "Qnap",
"scada": false
}
}
},
{
"description": "QTS versions 5.2.x ant\u00e9rieures \u00e0 5.2.1.2930 build 20241025",
"product": {
"name": "QTS",
"vendor": {
"name": "Qnap",
"scada": false
}
}
},
{
"description": "QNAP AI Core versions 3.4.x ant\u00e9rieures \u00e0 3.4.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Qnap",
"scada": false
}
}
},
{
"description": "QuLog Center versions 1.7.x ant\u00e9rieures \u00e0 1.7.0.831 ",
"product": {
"name": "QuLog Center",
"vendor": {
"name": "Qnap",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-50397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50397"
},
{
"name": "CVE-2024-37050",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37050"
},
{
"name": "CVE-2024-38643",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38643"
},
{
"name": "CVE-2024-50398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50398"
},
{
"name": "CVE-2024-37042",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37042"
},
{
"name": "CVE-2024-32768",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32768"
},
{
"name": "CVE-2024-48860",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-48860"
},
{
"name": "CVE-2024-50399",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50399"
},
{
"name": "CVE-2024-48861",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-48861"
},
{
"name": "CVE-2024-48862",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-48862"
},
{
"name": "CVE-2024-32770",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32770"
},
{
"name": "CVE-2024-37049",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37049"
},
{
"name": "CVE-2024-38644",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38644"
},
{
"name": "CVE-2024-37041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37041"
},
{
"name": "CVE-2024-37048",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37048"
},
{
"name": "CVE-2024-50396",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50396"
},
{
"name": "CVE-2024-32767",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32767"
},
{
"name": "CVE-2024-37045",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37045"
},
{
"name": "CVE-2024-38647",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38647"
},
{
"name": "CVE-2024-37046",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37046"
},
{
"name": "CVE-2024-37047",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37047"
},
{
"name": "CVE-2023-38408",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38408"
},
{
"name": "CVE-2024-32769",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32769"
},
{
"name": "CVE-2024-50400",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50400"
},
{
"name": "CVE-2020-14145",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14145"
},
{
"name": "CVE-2024-38645",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38645"
},
{
"name": "CVE-2024-50395",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50395"
},
{
"name": "CVE-2024-37043",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37043"
},
{
"name": "CVE-2021-41617",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41617"
},
{
"name": "CVE-2024-38646",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38646"
},
{
"name": "CVE-2024-37044",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37044"
},
{
"name": "CVE-2024-50401",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50401"
}
],
"initial_release_date": "2024-11-25T00:00:00",
"last_revision_date": "2024-11-25T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-1018",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-11-25T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Qnap. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Qnap",
"vendor_advisories": [
{
"published_at": "2024-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 Qnap QSA-24-44",
"url": "https://www.qnap.com/go/security-advisory/qsa-24-44"
},
{
"published_at": "2024-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 Qnap QSA-24-36",
"url": "https://www.qnap.com/go/security-advisory/qsa-24-36"
},
{
"published_at": "2024-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 Qnap QSA-24-37",
"url": "https://www.qnap.com/go/security-advisory/qsa-24-37"
},
{
"published_at": "2024-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 Qnap QSA-24-39",
"url": "https://www.qnap.com/go/security-advisory/qsa-24-39"
},
{
"published_at": "2024-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 Qnap QSA-24-47",
"url": "https://www.qnap.com/go/security-advisory/qsa-24-47"
},
{
"published_at": "2024-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 Qnap QSA-24-40",
"url": "https://www.qnap.com/go/security-advisory/qsa-24-40"
},
{
"published_at": "2024-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 Qnap QSA-24-46",
"url": "https://www.qnap.com/go/security-advisory/qsa-24-46"
},
{
"published_at": "2024-11-23",
"title": "Bulletin de s\u00e9curit\u00e9 Qnap QSA-24-43",
"url": "https://www.qnap.com/go/security-advisory/qsa-24-43"
}
]
}
GHSA-MXH4-P4W6-G844
Vulnerability from github – Published: 2022-05-24 19:15 – Updated: 2022-05-24 19:15
VLAI?
Details
sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.
Severity ?
7.0 (High)
{
"affected": [],
"aliases": [
"CVE-2021-41617"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-09-26T19:15:00Z",
"severity": "HIGH"
},
"details": "sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.",
"id": "GHSA-mxh4-p4w6-g844",
"modified": "2022-05-24T19:15:43Z",
"published": "2022-05-24T19:15:43Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41617"
},
{
"type": "WEB",
"url": "https://www.tenable.com/plugins/nessus/154174"
},
{
"type": "WEB",
"url": "https://www.starwindsoftware.com/security/sw-20220805-0001"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"type": "WEB",
"url": "https://www.openwall.com/lists/oss-security/2021/09/26/1"
},
{
"type": "WEB",
"url": "https://www.openssh.com/txt/release-8.8"
},
{
"type": "WEB",
"url": "https://www.openssh.com/security.html"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2023/dsa-5586"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20211014-0004"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W44V2PFQH5YLRN6ZJTVRKAD7CU6CYYET"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KVI7RWM2JLNMWTOFK6BDUSGNOIPZYPUT"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6XJIONMHMKZDTMH6BQR5TNLF2WDCGWED"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W44V2PFQH5YLRN6ZJTVRKAD7CU6CYYET"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KVI7RWM2JLNMWTOFK6BDUSGNOIPZYPUT"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XJIONMHMKZDTMH6BQR5TNLF2WDCGWED"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html"
},
{
"type": "WEB",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1190975"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
SCA-2025-0009
Vulnerability from csaf_sick - Published: 2025-08-01 13:00 - Updated: 2025-08-01 13:00Summary
Vulnerabilities affecting SICK TDC-E210GC
Notes
summary
SICK has identified multiple vulnerabilities in the SICK TDC-E210GC product. The advisory includes a total of 23 vulnerabilities, of which 14 are confirmed as affected and 9 as known not affected. At this time, SICK is not aware of any public exploits specifically targeting these vulnerabilities. Customers are strongly advised to apply the recommended workaround for the affected vulnerabilities to reduce potential risk.
General Security Measures
As general security measures, SICK recommends to minimize network exposure of the devices, restrict network access and follow recommended security practices in order to run the devices in a protected IT environment.
Vulnerability Classification
SICK performs vulnerability classification by using the CVSS scoring system (*CVSS v3.1*). The environmental score is dependent on the customer’s environment and can affect the overall CVSS score. SICK recommends that customers individually evaluate the environmental score to achieve final scoring.
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "summary",
"text": "SICK has identified multiple vulnerabilities in the SICK TDC-E210GC product. The advisory includes a total of 23 vulnerabilities, of which 14 are confirmed as affected and 9 as known not affected. At this time, SICK is not aware of any public exploits specifically targeting these vulnerabilities. Customers are strongly advised to apply the recommended workaround for the affected vulnerabilities to reduce potential risk.",
"title": "summary"
},
{
"category": "general",
"text": "As general security measures, SICK recommends to minimize network exposure of the devices, restrict network access and follow recommended security practices in order to run the devices in a protected IT environment.",
"title": "General Security Measures"
},
{
"category": "general",
"text": "SICK performs vulnerability classification by using the CVSS scoring system (*CVSS v3.1*). The environmental score is dependent on the customer\u2019s environment and can affect the overall CVSS score. SICK recommends that customers individually evaluate the environmental score to achieve final scoring.",
"title": "Vulnerability Classification"
}
],
"publisher": {
"category": "vendor",
"contact_details": "psirt@sick.de",
"issuing_authority": "SICK AG issues and issues in EHS products (when related to the Endress+Hauser SICK (EHS) joint venture).",
"name": "SICK PSIRT",
"namespace": "https://www.sick.com/psirt"
},
"references": [
{
"summary": "SICK PSIRT Security Advisories",
"url": "https://sick.com/psirt"
},
{
"summary": "SICK Operating Guidelines",
"url": "https://www.sick.com/media/docs/9/19/719/special_information_sick_operating_guidelines_cybersecurity_by_sick_en_im0106719.pdf"
},
{
"summary": "ICS-CERT recommended practices on Industrial Security",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"summary": "CVSS v3.1 Calculator",
"url": "https://www.first.org/cvss/calculator/3.1"
},
{
"category": "self",
"summary": "The canonical URL.",
"url": "https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0009.json"
}
],
"title": "Vulnerabilities affecting SICK TDC-E210GC",
"tracking": {
"current_release_date": "2025-08-01T13:00:00.000Z",
"generator": {
"date": "2025-08-01T08:14:37.621Z",
"engine": {
"name": "Secvisogram",
"version": "2.5.32"
}
},
"id": "SCA-2025-0009",
"initial_release_date": "2025-08-01T13:00:00.000Z",
"revision_history": [
{
"date": "2025-08-01T13:00:00.000Z",
"number": "1",
"summary": "Initial version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SICK TDC-E210GC all versions",
"product_id": "CSAFPID-0001",
"product_identification_helper": {
"skus": [
"6070344"
]
}
}
}
],
"category": "product_name",
"name": "TDC-E210GC"
}
],
"category": "product_family",
"name": "Telematic Data Collector"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SICK TDC-E210GC Firmware all versions",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "TDC-E210GC Firmware"
}
],
"category": "vendor",
"name": "SICK AG"
}
],
"relationships": [
{
"category": "installed_on",
"full_product_name": {
"name": "SICK TDC-E210GC all Firmware versions",
"product_id": "CSAFPID-0003"
},
"product_reference": "CSAFPID-0002",
"relates_to_product_reference": "CSAFPID-0001"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-38408",
"cwe": {
"id": "CWE-428",
"name": "Unquoted Search Path or Element"
},
"notes": [
{
"category": "summary",
"text": "The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0003"
]
},
"remediations": [
{
"category": "workaround",
"details": "Please make sure that only trusted entities have access to the device. Furthermore, you should apply the following General Security Measures when operating the product to mitigate the associated security risk.\nThe collected resources \"SICK Operating Guidelines\" and \"ICS-CERT recommended practices on Industrial Security\" could help to implement the general security practices.",
"product_ids": [
"CSAFPID-0003"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 9.8,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 9.8,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0003"
]
}
],
"title": "OpenSSH Remote Code Execution Due to an Inssufficiently Trustworthy Search Path"
},
{
"cve": "CVE-2021-23017",
"cwe": {
"id": "CWE-193",
"name": "Off-by-one Error"
},
"notes": [
{
"category": "summary",
"text": "A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0003"
]
},
"remediations": [
{
"category": "workaround",
"details": "Please make sure that only trusted entities have access to the device. Furthermore, you should apply the following General Security Measures when operating the product to mitigate the associated security risk.\nThe collected resources \"SICK Operating Guidelines\" and \"ICS-CERT recommended practices on Industrial Security\" could help to implement the general security practices.",
"product_ids": [
"CSAFPID-0003"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.7,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.7,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-0003"
]
}
],
"title": "NGINX Off-by-One Error"
},
{
"cve": "CVE-2020-12062",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "The scp client in OpenSSH 8.2 incorrectly sends duplicate responses to the server upon a utimes system call failure, which allows a malicious unprivileged user on the remote server to overwrite arbitrary files in the client\u0027s download directory by creating a crafted subdirectory anywhere on the remote server. The victim must use the command scp -rp to download a file hierarchy containing, anywhere inside, this crafted subdirectory. NOTE: the vendor points out that \"this attack can achieve no more than a hostile peer is already able to achieve within the scp protocol\" and \"utimes does not fail under normal circumstances.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0003"
]
},
"remediations": [
{
"category": "workaround",
"details": "Please make sure that only trusted entities have access to the device. Furthermore, you should apply the following General Security Measures when operating the product to mitigate the associated security risk.\nThe collected resources \"SICK Operating Guidelines\" and \"ICS-CERT recommended practices on Industrial Security\" could help to implement the general security practices.",
"product_ids": [
"CSAFPID-0003"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0003"
]
}
],
"title": "Inproper Input Validation in OpenSSH 8.2"
},
{
"cve": "CVE-2021-41874",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "An unauthorized access vulnerabiitly exists in all versions of Portainer, which could let a malicious user obtain sensitive information. NOTE: Portainer has received no detail of this CVE report. There is also no response after multiple attempts of contacting the original source.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0003"
]
},
"remediations": [
{
"category": "workaround",
"details": "Please make sure that only trusted entities have access to the device. Furthermore, you should apply the following General Security Measures when operating the product to mitigate the associated security risk.\nThe collected resources \"SICK Operating Guidelines\" and \"ICS-CERT recommended practices on Industrial Security\" could help to implement the general security practices.",
"product_ids": [
"CSAFPID-0003"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0003"
]
}
],
"title": "Unauthorized Access Vulnerabiitly in All Versions of Portainer"
},
{
"cve": "CVE-2021-25217",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "summary",
"text": "In ISC DHCP 4.1-ESV-R1 -\u003e 4.1-ESV-R16, ISC DHCP 4.4.0 -\u003e 4.4.2 (Other branches of ISC DHCP (i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series) are beyond their End-of-Life (EOL) and no longer supported by ISC. From inspection it is clear that the defect is also present in releases from those series, but they have not been officially tested for the vulnerability), The outcome of encountering the defect while reading a lease that will trigger it varies, according to: the component being affected (i.e., dhclient or dhcpd) whether the package was built as a 32-bit or 64-bit binary whether the compiler flag -fstack-protection-strong was used when compiling In dhclient, ISC has not successfully reproduced the error on a 64-bit system. However, on a 32-bit system it is possible to cause dhclient to crash when reading an improper lease, which could cause network connectivity problems for an affected system due to the absence of a running DHCP client process. In dhcpd, when run in DHCPv4 or DHCPv6 mode: if the dhcpd server binary was built for a 32-bit architecture AND the -fstack-protection-strong flag was specified to the compiler, dhcpd may exit while parsing a lease file containing an objectionable lease, resulting in lack of service to clients. Additionally, the offending lease and the lease immediately following it in the lease database may be improperly deleted. if the dhcpd server binary was built for a 64-bit architecture OR if the -fstack-protection-strong compiler flag was NOT specified, the crash will not occur, but it is possible for the offending lease and the lease which immediately followed it to be improperly deleted.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0003"
]
},
"remediations": [
{
"category": "workaround",
"details": "Please make sure that only trusted entities have access to the device. Furthermore, you should apply the following General Security Measures when operating the product to mitigate the associated security risk.\nThe collected resources \"SICK Operating Guidelines\" and \"ICS-CERT recommended practices on Industrial Security\" could help to implement the general security practices.",
"product_ids": [
"CSAFPID-0003"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.4,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"temporalScore": 7.4,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0003"
]
}
],
"title": "A Buffer Overrun in Lease File Parsing Code Can Be Used to Exploit a Common Vulnerability Shared by DHCPD and Dhclient"
},
{
"cve": "CVE-2021-3618",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"notes": [
{
"category": "summary",
"text": "ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim\u0027s traffic at the TCP/IP layer can redirect traffic from one subdomainto another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0003"
]
},
"remediations": [
{
"category": "workaround",
"details": "Please make sure that only trusted entities have access to the device. Furthermore, you should apply the following General Security Measures when operating the product to mitigate the associated security risk.\nThe collected resources \"SICK Operating Guidelines\" and \"ICS-CERT recommended practices on Industrial Security\" could help to implement the general security practices.",
"product_ids": [
"CSAFPID-0003"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.4,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.4,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0003"
]
}
],
"title": "Broken Authentication of TLS"
},
{
"cve": "CVE-2021-28041",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "summary",
"text": "SSH-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of an agent to an attacker-controlled host.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0003"
]
},
"remediations": [
{
"category": "workaround",
"details": "Please make sure that only trusted entities have access to the device. Furthermore, you should apply the following General Security Measures when operating the product to mitigate the associated security risk.\nThe collected resources \"SICK Operating Guidelines\" and \"ICS-CERT recommended practices on Industrial Security\" could help to implement the general security practices.",
"product_ids": [
"CSAFPID-0003"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.1,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 7.1,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0003"
]
}
],
"title": "Double Free in OpenSSH"
},
{
"cve": "CVE-2020-15778",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of \"anomalous argument transfers\" because that could \"stand a great chance of breaking existing workflows.\"",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0003"
]
},
"remediations": [
{
"category": "workaround",
"details": "Please make sure that only trusted entities have access to the device. Furthermore, you should apply the following General Security Measures when operating the product to mitigate the associated security risk.\nThe collected resources \"SICK Operating Guidelines\" and \"ICS-CERT recommended practices on Industrial Security\" could help to implement the general security practices.",
"product_ids": [
"CSAFPID-0003"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0003"
]
}
],
"title": "Command Injection in the OpenSSH scp.c to Remote Function"
},
{
"cve": "CVE-2021-42650",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "summary",
"text": "Cross Site Scripting (XSS) vulnerability exists in Portainer before 2.9.1 via the node input box in Custom Templates.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0003"
]
},
"remediations": [
{
"category": "workaround",
"details": "Please make sure that only trusted entities have access to the device. Furthermore, you should apply the following General Security Measures when operating the product to mitigate the associated security risk.\nThe collected resources \"SICK Operating Guidelines\" and \"ICS-CERT recommended practices on Industrial Security\" could help to implement the general security practices.",
"product_ids": [
"CSAFPID-0003"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"environmentalScore": 6.1,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"temporalScore": 6.1,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0003"
]
}
],
"title": "Portainer XSS Vulnerability"
},
{
"cve": "CVE-2016-20012",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "summary",
"text": "OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session. NOTE: the vendor does not recognize user enumeration as a vulnerability for this product",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0003"
]
},
"remediations": [
{
"category": "workaround",
"details": "Please make sure that only trusted entities have access to the device. Furthermore, you should apply the following General Security Measures when operating the product to mitigate the associated security risk.\nThe collected resources \"SICK Operating Guidelines\" and \"ICS-CERT recommended practices on Industrial Security\" could help to implement the general security practices.",
"product_ids": [
"CSAFPID-0003"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0003"
]
}
],
"title": "OpenSSH User Enumeration"
},
{
"cve": "CVE-2025-26465",
"cwe": {
"id": "CWE-390",
"name": "Detection of Error Condition Without Action"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client\u0027s memory resource first, turning the attack complexity high.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0003"
]
},
"remediations": [
{
"category": "workaround",
"details": "Please make sure that only trusted entities have access to the device. Furthermore, you should apply the following General Security Measures when operating the product to mitigate the associated security risk.\nThe collected resources \"SICK Operating Guidelines\" and \"ICS-CERT recommended practices on Industrial Security\" could help to implement the general security practices.",
"product_ids": [
"CSAFPID-0003"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"environmentalScore": 6.8,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 6.8,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0003"
]
}
],
"title": "OpenSSH VerifyHostKeyDNS Vulnerable to Mashine-in-the-Middle"
},
{
"cve": "CVE-2019-20372",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"notes": [
{
"category": "summary",
"text": "NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0003"
]
},
"remediations": [
{
"category": "workaround",
"details": "Please make sure that only trusted entities have access to the device. Furthermore, you should apply the following General Security Measures when operating the product to mitigate the associated security risk.\nThe collected resources \"SICK Operating Guidelines\" and \"ICS-CERT recommended practices on Industrial Security\" could help to implement the general security practices.",
"product_ids": [
"CSAFPID-0003"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0003"
]
}
],
"title": "NGINX Allows HTTP Request Smuggling"
},
{
"cve": "CVE-2020-14145",
"cwe": {
"id": "CWE-203",
"name": "Observable Discrepancy"
},
"notes": [
{
"category": "summary",
"text": "The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports state that 8.5 and 8.6 are also affected.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0003"
]
},
"remediations": [
{
"category": "workaround",
"details": "Please make sure that only trusted entities have access to the device. Furthermore, you should apply the following General Security Measures when operating the product to mitigate the associated security risk.\nThe collected resources \"SICK Operating Guidelines\" and \"ICS-CERT recommended practices on Industrial Security\" could help to implement the general security practices.",
"product_ids": [
"CSAFPID-0003"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"environmentalScore": 5.9,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.9,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0003"
]
}
],
"title": "OpenSSH Information Leak in the Algorithm Negotiation"
},
{
"cve": "CVE-2021-36368",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in OpenSSH before 8.9. If a client is using public-key authentication with agent forwarding but without -oLogLevel=verbose, and an attacker has silently modified the server to support the None authentication option, then the user cannot determine whether FIDO authentication is going to confirm that the user wishes to connect to that server, or that the user wishes to allow that server to connect to a different server on the user\u0027s behalf. NOTE: the vendor\u0027s position is \"this is not an authentication bypass, since nothing is being bypassed.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0003"
]
},
"remediations": [
{
"category": "workaround",
"details": "Please make sure that only trusted entities have access to the device. Furthermore, you should apply the following General Security Measures when operating the product to mitigate the associated security risk. The collected resources \"SICK Operating Guidelines\" and \"ICS-CERT recommended practices on Industrial Security\" could help to implement the general security practices.",
"product_ids": [
"CSAFPID-0003"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"environmentalScore": 6.8,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 6.8,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0003"
]
}
],
"title": "OpenSSH Vulnerable to Authentication Bypass"
},
{
"cve": "CVE-2022-24961",
"cwe": {
"id": "CWE-390",
"name": "Detection of Error Condition Without Action"
},
"notes": [
{
"category": "summary",
"text": "In Portainer Agent before 2.11.1, an API server can continue running even if not associated with a Portainer instance in the past few days. The vulnerability allows the API server to run even when not linked to a Portainer instance recently, posing a security risk.",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"CSAFPID-0003"
]
},
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 9.8,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 9.8,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0003"
]
}
],
"title": "Portainer Agent API Server Vulnerability"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "summary",
"text": "The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"CSAFPID-0003"
]
},
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0003"
]
}
],
"title": "Denial of Service in HTTP/2 Protocol"
},
{
"cve": "CVE-2021-41617",
"cwe": {
"id": "CWE-273",
"name": "Improper Check for Dropped Privileges"
},
"notes": [
{
"category": "summary",
"text": "sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"CSAFPID-0003"
]
},
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 7,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0003"
]
}
],
"title": "OpenSSH Privilege Escalation"
},
{
"cve": "CVE-2023-51767",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"notes": [
{
"category": "summary",
"text": "OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"CSAFPID-0003"
]
},
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 7,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0003"
]
}
],
"title": "OpenSSH Authentication Bypass Vulnerability"
},
{
"cve": "CVE-2008-3844",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, as signed in August 2008 using a legitimate Red Hat GPG key, contain an externally introduced modification (Trojan Horse) that allows the package authors to have an unknown impact. NOTE: since the malicious packages were not distributed from any official Red Hat sources, the scope of this issue is restricted to users who may have obtained these packages through unofficial distribution points. As of 20080827, no unofficial distributions of this software are known.",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"CSAFPID-0003"
]
},
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0003"
]
}
],
"title": "Trojan Horse at RHEL4 for OpenSSH"
},
{
"cve": "CVE-2022-2929",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "summary",
"text": "In ISC DHCP 1.0 -\u003e 4.4.3, ISC DHCP 4.1-ESV-R1 -\u003e 4.1-ESV-R16-P1 a system with access to a DHCP server, sending DHCP packets crafted to include fqdn labels longer than 63 bytes, could eventually cause the server to run out of memory.",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"CSAFPID-0003"
]
},
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 6.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0003"
]
}
],
"title": "DHCP Memory Leak"
},
{
"cve": "CVE-2022-2928",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In ISC DHCP 4.4.0 -\u003e 4.4.3, ISC DHCP 4.1-ESV-R1 -\u003e 4.1-ESV-R16-P1, when the function option_code_hash_lookup() is called from add_option(), it increases the option\u0027s refcount field. However, there is not a corresponding call to option_dereference() to decrement the refcount field. The function add_option() is only used in server responses to lease query packets. Each lease query response calls this function for several options, so eventually, the reference counters could overflow and cause the server to abort.",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"CSAFPID-0003"
]
},
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 6.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0003"
]
}
],
"title": "An Option Refcount Overflow Exists in DHCPD"
},
{
"cve": "CVE-2023-48795",
"cwe": {
"id": "CWE-354",
"name": "Improper Validation of Integrity Check Value"
},
"notes": [
{
"category": "summary",
"text": "The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH\u0027s use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"CSAFPID-0003"
]
},
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.9,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.9,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0003"
]
}
],
"title": "OpenSSH Vulnerable for Bypassing Integrity Checks"
},
{
"cve": "CVE-2007-2768",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "summary",
"text": "OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote attackers to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords (OTP), a similar issue to CVE-2007-2243.",
"title": "Summary"
}
],
"product_status": {
"known_not_affected": [
"CSAFPID-0003"
]
},
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"environmentalScore": 3.7,
"environmentalSeverity": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 3.7,
"temporalSeverity": "LOW",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0003"
]
}
],
"title": "OpenSSH User Enumeration Using OPIE"
}
]
}
SCA-2025-0011
Vulnerability from csaf_sick - Published: 2025-10-02 13:00 - Updated: 2025-10-02 13:00Summary
Vulnerabilities affecting Endress+Hauser SSG-E210GC
Notes
Summary
Several vulnerabilities in the Endress+Hauser SSG-E210GC product were discoverd. The advisory includes a total of 23 vulnerabilities, of which 14 are confirmed as affected and 9 as known not affected.
Impact
If exploited, these vulnerabilities could potentially allow a remote, unauthenticated attacker to compromise the availability, integrity, and confidentiality of the SSG-E210GC. SICK therefore recommends ensuring that the product operates within a secure environment. Currently, SICK is not aware of any exploits targeting these vulnerabilities.
Mitigation
As general security measures, SICK recommends to minimize network exposure of the devices, restrict network access and follow recommended security practices in order to run the devices in a protected IT environment.
Remediation
Customers are strongly advised to apply the recommended workaround for the affected vulnerabilities to reduce potential risk.
General Recommendation
As general security measures, SICK recommends to minimize network exposure of the devices, restrict network access and follow recommended security practices in order to run the devices in a protected IT environment.
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "summary",
"text": "Several vulnerabilities in the Endress+Hauser SSG-E210GC product were discoverd. The advisory includes a total of 23 vulnerabilities, of which 14 are confirmed as affected and 9 as known not affected.",
"title": "Summary"
},
{
"category": "description",
"text": "If exploited, these vulnerabilities could potentially allow a remote, unauthenticated attacker to compromise the availability, integrity, and confidentiality of the SSG-E210GC. SICK therefore recommends ensuring that the product operates within a secure environment. Currently, SICK is not aware of any exploits targeting these vulnerabilities. ",
"title": "Impact"
},
{
"category": "description",
"text": "As general security measures, SICK recommends to minimize network exposure of the devices, restrict network access and follow recommended security practices in order to run the devices in a protected IT environment.",
"title": "Mitigation"
},
{
"category": "description",
"text": "Customers are strongly advised to apply the recommended workaround for the affected vulnerabilities to reduce potential risk.",
"title": "Remediation"
},
{
"category": "general",
"text": "As general security measures, SICK recommends to minimize network exposure of the devices, restrict network access and follow recommended security practices in order to run the devices in a protected IT environment.",
"title": "General Recommendation"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "psirt@sick.de",
"issuing_authority": "SICK AG issues and issues in EHS products (when related to the Endress+Hauser SICK (EHS) joint venture).",
"name": "SICK PSIRT",
"namespace": "https://www.sick.com/psirt"
},
"references": [
{
"summary": "Endress+Hauser",
"url": "https://www.endress.com"
},
{
"summary": "SICK PSIRT Security Advisories",
"url": "https://sick.com/psirt"
},
{
"summary": "ICS-CERT recommended practices on Industrial Security",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"summary": "CVSS v3.1 Calculator",
"url": "https://www.first.org/cvss/calculator/3.1"
},
{
"category": "self",
"summary": "The canonical URL.",
"url": "https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0010.json"
}
],
"title": "Vulnerabilities affecting Endress+Hauser SSG-E210GC",
"tracking": {
"current_release_date": "2025-10-02T13:00:00.000Z",
"generator": {
"date": "2025-10-02T09:27:08.522Z",
"engine": {
"name": "Secvisogram",
"version": "2.5.36"
}
},
"id": "SCA-2025-0011",
"initial_release_date": "2025-10-02T13:00:00.000Z",
"revision_history": [
{
"date": "2025-10-02T13:00:00.000Z",
"number": "1.0.0",
"summary": "Initial version"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "Endress+Hauser SSG-E210GC all versions",
"product_id": "CSAFPID-0001",
"product_identification_helper": {
"skus": [
"1124771"
]
}
}
}
],
"category": "product_name",
"name": "SSG-E210GC"
}
],
"category": "product_name",
"name": "SSG"
}
],
"category": "product_family",
"name": "Hardware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "Endress+Hauser SSG-E210GC Firmware all versions",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_family",
"name": "Firmware"
}
],
"category": "vendor",
"name": "Endress+Hauser"
}
],
"relationships": [
{
"category": "installed_on",
"full_product_name": {
"name": "Endress+Hauser SSG-E210GC all Firmware versions",
"product_id": "CSAFPID-0003"
},
"product_reference": "CSAFPID-0002",
"relates_to_product_reference": "CSAFPID-0001"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-38408",
"cwe": {
"id": "CWE-428",
"name": "Unquoted Search Path or Element"
},
"notes": [
{
"category": "description",
"text": "The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.",
"title": "Vulnerability Description"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0003"
]
},
"remediations": [
{
"category": "workaround",
"details": "Please make sure that only trusted entities have access to the device. Furthermore, you should apply the following General Security Measures when operating the product to mitigate the associated security risk.\nThe collected resources \"SICK Operating Guidelines\" and \"ICS-CERT recommended practices on Industrial Security\" could help to implement the general security practices.",
"product_ids": [
"CSAFPID-0003"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 9.8,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 9.8,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0003"
]
}
],
"title": "CVE-2023-38408"
},
{
"cve": "CVE-2021-23017",
"cwe": {
"id": "CWE-193",
"name": "Off-by-one Error"
},
"notes": [
{
"category": "description",
"text": "A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.",
"title": "Vulnerability Description"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0003"
]
},
"remediations": [
{
"category": "workaround",
"details": "Please make sure that only trusted entities have access to the device. Furthermore, you should apply the following General Security Measures when operating the product to mitigate the associated security risk.\nThe collected resources \"SICK Operating Guidelines\" and \"ICS-CERT recommended practices on Industrial Security\" could help to implement the general security practices.",
"product_ids": [
"CSAFPID-0003"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.7,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.7,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-0003"
]
}
],
"title": "CVE-2021-23017"
},
{
"cve": "CVE-2020-12062",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "The scp client in OpenSSH 8.2 incorrectly sends duplicate responses to the server upon a utimes system call failure, which allows a malicious unprivileged user on the remote server to overwrite arbitrary files in the client\u0027s download directory by creating a crafted subdirectory anywhere on the remote server. The victim must use the command scp -rp to download a file hierarchy containing, anywhere inside, this crafted subdirectory. NOTE: the vendor points out that \"this attack can achieve no more than a hostile peer is already able to achieve within the scp protocol\" and \"utimes does not fail under normal circumstances.",
"title": "Vulnerability Description"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0003"
]
},
"remediations": [
{
"category": "workaround",
"details": "Please make sure that only trusted entities have access to the device. Furthermore, you should apply the following General Security Measures when operating the product to mitigate the associated security risk.\nThe collected resources \"SICK Operating Guidelines\" and \"ICS-CERT recommended practices on Industrial Security\" could help to implement the general security practices.",
"product_ids": [
"CSAFPID-0003"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0003"
]
}
],
"title": "CVE-2020-12062"
},
{
"cve": "CVE-2021-41874",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "An unauthorized access vulnerabiitly exists in all versions of Portainer, which could let a malicious user obtain sensitive information. NOTE: Portainer has received no detail of this CVE report. There is also no response after multiple attempts of contacting the original source.",
"title": "Vulnerability Description"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0003"
]
},
"remediations": [
{
"category": "workaround",
"details": "Please make sure that only trusted entities have access to the device. Furthermore, you should apply the following General Security Measures when operating the product to mitigate the associated security risk.\nThe collected resources \"SICK Operating Guidelines\" and \"ICS-CERT recommended practices on Industrial Security\" could help to implement the general security practices.",
"product_ids": [
"CSAFPID-0003"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0003"
]
}
],
"title": "CVE-2021-41874"
},
{
"cve": "CVE-2021-25217",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "description",
"text": "In ISC DHCP 4.1-ESV-R1 -\u003e 4.1-ESV-R16, ISC DHCP 4.4.0 -\u003e 4.4.2 (Other branches of ISC DHCP (i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series) are beyond their End-of-Life (EOL) and no longer supported by ISC. From inspection it is clear that the defect is also present in releases from those series, but they have not been officially tested for the vulnerability), The outcome of encountering the defect while reading a lease that will trigger it varies, according to: the component being affected (i.e., dhclient or dhcpd) whether the package was built as a 32-bit or 64-bit binary whether the compiler flag -fstack-protection-strong was used when compiling In dhclient, ISC has not successfully reproduced the error on a 64-bit system. However, on a 32-bit system it is possible to cause dhclient to crash when reading an improper lease, which could cause network connectivity problems for an affected system due to the absence of a running DHCP client process. In dhcpd, when run in DHCPv4 or DHCPv6 mode: if the dhcpd server binary was built for a 32-bit architecture AND the -fstack-protection-strong flag was specified to the compiler, dhcpd may exit while parsing a lease file containing an objectionable lease, resulting in lack of service to clients. Additionally, the offending lease and the lease immediately following it in the lease database may be improperly deleted. if the dhcpd server binary was built for a 64-bit architecture OR if the -fstack-protection-strong compiler flag was NOT specified, the crash will not occur, but it is possible for the offending lease and the lease which immediately followed it to be improperly deleted.",
"title": "Vulnerability Description"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0003"
]
},
"remediations": [
{
"category": "workaround",
"details": "Please make sure that only trusted entities have access to the device. Furthermore, you should apply the following General Security Measures when operating the product to mitigate the associated security risk.\nThe collected resources \"SICK Operating Guidelines\" and \"ICS-CERT recommended practices on Industrial Security\" could help to implement the general security practices.",
"product_ids": [
"CSAFPID-0003"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.4,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"temporalScore": 7.4,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0003"
]
}
],
"title": "CVE-2021-25217"
},
{
"cve": "CVE-2021-3618",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"notes": [
{
"category": "description",
"text": "ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim\u0027s traffic at the TCP/IP layer can redirect traffic from one subdomainto another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.",
"title": "Vulnerability Description"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0003"
]
},
"remediations": [
{
"category": "workaround",
"details": "Please make sure that only trusted entities have access to the device. Furthermore, you should apply the following General Security Measures when operating the product to mitigate the associated security risk.\nThe collected resources \"SICK Operating Guidelines\" and \"ICS-CERT recommended practices on Industrial Security\" could help to implement the general security practices.",
"product_ids": [
"CSAFPID-0003"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.4,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.4,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0003"
]
}
],
"title": "CVE-2021-3618"
},
{
"cve": "CVE-2021-28041",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "description",
"text": "SSH-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of an agent to an attacker-controlled host.",
"title": "Vulnerability Description"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0003"
]
},
"remediations": [
{
"category": "workaround",
"details": "Please make sure that only trusted entities have access to the device. Furthermore, you should apply the following General Security Measures when operating the product to mitigate the associated security risk.\nThe collected resources \"SICK Operating Guidelines\" and \"ICS-CERT recommended practices on Industrial Security\" could help to implement the general security practices.",
"product_ids": [
"CSAFPID-0003"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.1,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 7.1,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0003"
]
}
],
"title": "CVE-2021-28041"
},
{
"cve": "CVE-2020-15778",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"notes": [
{
"category": "description",
"text": "scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of \"anomalous argument transfers\" because that could \"stand a great chance of breaking existing workflows.\"",
"title": "Vulnerability Description"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0003"
]
},
"remediations": [
{
"category": "workaround",
"details": "Please make sure that only trusted entities have access to the device. Furthermore, you should apply the following General Security Measures when operating the product to mitigate the associated security risk.\nThe collected resources \"SICK Operating Guidelines\" and \"ICS-CERT recommended practices on Industrial Security\" could help to implement the general security practices.",
"product_ids": [
"CSAFPID-0003"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0003"
]
}
],
"title": "CVE-2020-15778"
},
{
"cve": "CVE-2021-42650",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "description",
"text": "Cross Site Scripting (XSS) vulnerability exists in Portainer before 2.9.1 via the node input box in Custom Templates.",
"title": "Vulnerability Description"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0003"
]
},
"remediations": [
{
"category": "workaround",
"details": "Please make sure that only trusted entities have access to the device. Furthermore, you should apply the following General Security Measures when operating the product to mitigate the associated security risk.\nThe collected resources \"SICK Operating Guidelines\" and \"ICS-CERT recommended practices on Industrial Security\" could help to implement the general security practices.",
"product_ids": [
"CSAFPID-0003"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"environmentalScore": 6.1,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"temporalScore": 6.1,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0003"
]
}
],
"title": "CVE-2021-42650"
},
{
"cve": "CVE-2016-20012",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "description",
"text": "OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session. NOTE: the vendor does not recognize user enumeration as a vulnerability for this product",
"title": "Vulnerability Description"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0003"
]
},
"remediations": [
{
"category": "workaround",
"details": "Please make sure that only trusted entities have access to the device. Furthermore, you should apply the following General Security Measures when operating the product to mitigate the associated security risk.\nThe collected resources \"SICK Operating Guidelines\" and \"ICS-CERT recommended practices on Industrial Security\" could help to implement the general security practices.",
"product_ids": [
"CSAFPID-0003"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0003"
]
}
],
"title": "CVE-2016-20012"
},
{
"cve": "CVE-2025-26465",
"cwe": {
"id": "CWE-390",
"name": "Detection of Error Condition Without Action"
},
"notes": [
{
"category": "description",
"text": "A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client\u0027s memory resource first, turning the attack complexity high.",
"title": "Vulnerability Description"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0003"
]
},
"remediations": [
{
"category": "workaround",
"details": "Please make sure that only trusted entities have access to the device. Furthermore, you should apply the following General Security Measures when operating the product to mitigate the associated security risk.\nThe collected resources \"SICK Operating Guidelines\" and \"ICS-CERT recommended practices on Industrial Security\" could help to implement the general security practices.",
"product_ids": [
"CSAFPID-0003"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"environmentalScore": 6.8,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 6.8,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0003"
]
}
],
"title": "CVE-2025-26465"
},
{
"cve": "CVE-2019-20372",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"notes": [
{
"category": "description",
"text": "NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer.",
"title": "Vulnerability Description"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0003"
]
},
"remediations": [
{
"category": "workaround",
"details": "Please make sure that only trusted entities have access to the device. Furthermore, you should apply the following General Security Measures when operating the product to mitigate the associated security risk.\nThe collected resources \"SICK Operating Guidelines\" and \"ICS-CERT recommended practices on Industrial Security\" could help to implement the general security practices.",
"product_ids": [
"CSAFPID-0003"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0003"
]
}
],
"title": "CVE-2019-20372"
},
{
"cve": "CVE-2020-14145",
"cwe": {
"id": "CWE-203",
"name": "Observable Discrepancy"
},
"notes": [
{
"category": "description",
"text": "The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports state that 8.5 and 8.6 are also affected.",
"title": "Vulnerability Description"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0003"
]
},
"remediations": [
{
"category": "workaround",
"details": "Please make sure that only trusted entities have access to the device. Furthermore, you should apply the following General Security Measures when operating the product to mitigate the associated security risk.\nThe collected resources \"SICK Operating Guidelines\" and \"ICS-CERT recommended practices on Industrial Security\" could help to implement the general security practices.",
"product_ids": [
"CSAFPID-0003"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"environmentalScore": 5.9,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.9,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0003"
]
}
],
"title": "CVE-2020-14145"
},
{
"cve": "CVE-2021-36368",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"notes": [
{
"category": "description",
"text": "An issue was discovered in OpenSSH before 8.9. If a client is using public-key authentication with agent forwarding but without -oLogLevel=verbose, and an attacker has silently modified the server to support the None authentication option, then the user cannot determine whether FIDO authentication is going to confirm that the user wishes to connect to that server, or that the user wishes to allow that server to connect to a different server on the user\u0027s behalf. NOTE: the vendor\u0027s position is \"this is not an authentication bypass, since nothing is being bypassed.",
"title": "Vulnerability Description"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0003"
]
},
"remediations": [
{
"category": "workaround",
"details": "Please make sure that only trusted entities have access to the device. Furthermore, you should apply the following General Security Measures when operating the product to mitigate the associated security risk. The collected resources \"SICK Operating Guidelines\" and \"ICS-CERT recommended practices on Industrial Security\" could help to implement the general security practices.",
"product_ids": [
"CSAFPID-0003"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"environmentalScore": 6.8,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 6.8,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0003"
]
}
],
"title": "CVE-2021-36368"
},
{
"cve": "CVE-2022-24961",
"cwe": {
"id": "CWE-390",
"name": "Detection of Error Condition Without Action"
},
"notes": [
{
"category": "description",
"text": "In Portainer Agent before 2.11.1, an API server can continue running even if not associated with a Portainer instance in the past few days. The vulnerability allows the API server to run even when not linked to a Portainer instance recently, posing a security risk.",
"title": "Vulnerability Description"
}
],
"product_status": {
"known_not_affected": [
"CSAFPID-0003"
]
},
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 9.8,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 9.8,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0003"
]
}
],
"title": "CVE-2022-24961"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "description",
"text": "The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.",
"title": "Vulnerability Description"
}
],
"product_status": {
"known_not_affected": [
"CSAFPID-0003"
]
},
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0003"
]
}
],
"title": "CVE-2023-44487"
},
{
"cve": "CVE-2021-41617",
"cwe": {
"id": "CWE-273",
"name": "Improper Check for Dropped Privileges"
},
"notes": [
{
"category": "description",
"text": "sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.",
"title": "Vulnerability Description"
}
],
"product_status": {
"known_not_affected": [
"CSAFPID-0003"
]
},
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 7,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0003"
]
}
],
"title": "CVE-2021-41617"
},
{
"cve": "CVE-2023-51767",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"notes": [
{
"category": "description",
"text": "OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.",
"title": "Vulnerability Description"
}
],
"product_status": {
"known_not_affected": [
"CSAFPID-0003"
]
},
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 7,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0003"
]
}
],
"title": "CVE-2023-51767"
},
{
"cve": "CVE-2008-3844",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, as signed in August 2008 using a legitimate Red Hat GPG key, contain an externally introduced modification (Trojan Horse) that allows the package authors to have an unknown impact. NOTE: since the malicious packages were not distributed from any official Red Hat sources, the scope of this issue is restricted to users who may have obtained these packages through unofficial distribution points. As of 20080827, no unofficial distributions of this software are known.",
"title": "Vulnerability Description"
}
],
"product_status": {
"known_not_affected": [
"CSAFPID-0003"
]
},
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0003"
]
}
],
"title": "CVE-2008-3844"
},
{
"cve": "CVE-2022-2929",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "description",
"text": "In ISC DHCP 1.0 -\u003e 4.4.3, ISC DHCP 4.1-ESV-R1 -\u003e 4.1-ESV-R16-P1 a system with access to a DHCP server, sending DHCP packets crafted to include fqdn labels longer than 63 bytes, could eventually cause the server to run out of memory.",
"title": "Vulnerability Description"
}
],
"product_status": {
"known_not_affected": [
"CSAFPID-0003"
]
},
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 6.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0003"
]
}
],
"title": "CVE-2022-2929"
},
{
"cve": "CVE-2022-2928",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In ISC DHCP 4.4.0 -\u003e 4.4.3, ISC DHCP 4.1-ESV-R1 -\u003e 4.1-ESV-R16-P1, when the function option_code_hash_lookup() is called from add_option(), it increases the option\u0027s refcount field. However, there is not a corresponding call to option_dereference() to decrement the refcount field. The function add_option() is only used in server responses to lease query packets. Each lease query response calls this function for several options, so eventually, the reference counters could overflow and cause the server to abort.",
"title": "Vulnerability Description"
}
],
"product_status": {
"known_not_affected": [
"CSAFPID-0003"
]
},
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 6.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0003"
]
}
],
"title": "CVE-2022-2928"
},
{
"cve": "CVE-2023-48795",
"cwe": {
"id": "CWE-354",
"name": "Improper Validation of Integrity Check Value"
},
"notes": [
{
"category": "description",
"text": "The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH\u0027s use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.",
"title": "Vulnerability Description"
}
],
"product_status": {
"known_not_affected": [
"CSAFPID-0003"
]
},
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.9,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.9,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0003"
]
}
],
"title": "CVE-2023-48795"
},
{
"cve": "CVE-2007-2768",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "description",
"text": "OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote attackers to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords (OTP), a similar issue to CVE-2007-2243.",
"title": "Vulnerability Description"
}
],
"product_status": {
"known_not_affected": [
"CSAFPID-0003"
]
},
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"environmentalScore": 3.7,
"environmentalSeverity": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 3.7,
"temporalSeverity": "LOW",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0003"
]
}
],
"title": "CVE-2007-2768"
}
]
}
SUSE-SU-2021:3947-1
Vulnerability from csaf_suse - Published: 2021-12-06 13:58 - Updated: 2021-12-06 13:58Summary
Security update for openssh
Notes
Title of the patch
Security update for openssh
Description of the patch
This update for openssh fixes the following issues:
- CVE-2021-41617: Fixed privilege escalation when AuthorizedKeysCommand/AuthorizedPrincipalsCommand are configured (bsc#1190975).
Patchnames
SUSE-2021-3947,SUSE-SLE-Product-HPC-15-SP1-ESPOS-2021-3947,SUSE-SLE-Product-HPC-15-SP1-LTSS-2021-3947,SUSE-SLE-Product-SLES-15-SP1-BCL-2021-3947,SUSE-SLE-Product-SLES-15-SP1-LTSS-2021-3947,SUSE-SLE-Product-SLES_SAP-15-SP1-2021-3947,SUSE-Storage-6-2021-3947
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for openssh",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for openssh fixes the following issues:\n\n- CVE-2021-41617: Fixed privilege escalation when AuthorizedKeysCommand/AuthorizedPrincipalsCommand are configured (bsc#1190975).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2021-3947,SUSE-SLE-Product-HPC-15-SP1-ESPOS-2021-3947,SUSE-SLE-Product-HPC-15-SP1-LTSS-2021-3947,SUSE-SLE-Product-SLES-15-SP1-BCL-2021-3947,SUSE-SLE-Product-SLES-15-SP1-LTSS-2021-3947,SUSE-SLE-Product-SLES_SAP-15-SP1-2021-3947,SUSE-Storage-6-2021-3947",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_3947-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2021:3947-1",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20213947-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2021:3947-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-December/009854.html"
},
{
"category": "self",
"summary": "SUSE Bug 1190975",
"url": "https://bugzilla.suse.com/1190975"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-41617 page",
"url": "https://www.suse.com/security/cve/CVE-2021-41617/"
}
],
"title": "Security update for openssh",
"tracking": {
"current_release_date": "2021-12-06T13:58:18Z",
"generator": {
"date": "2021-12-06T13:58:18Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2021:3947-1",
"initial_release_date": "2021-12-06T13:58:18Z",
"revision_history": [
{
"date": "2021-12-06T13:58:18Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "openssh-7.9p1-6.28.1.aarch64",
"product": {
"name": "openssh-7.9p1-6.28.1.aarch64",
"product_id": "openssh-7.9p1-6.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-7.9p1-6.28.1.aarch64",
"product": {
"name": "openssh-askpass-gnome-7.9p1-6.28.1.aarch64",
"product_id": "openssh-askpass-gnome-7.9p1-6.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-cavs-7.9p1-6.28.1.aarch64",
"product": {
"name": "openssh-cavs-7.9p1-6.28.1.aarch64",
"product_id": "openssh-cavs-7.9p1-6.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-fips-7.9p1-6.28.1.aarch64",
"product": {
"name": "openssh-fips-7.9p1-6.28.1.aarch64",
"product_id": "openssh-fips-7.9p1-6.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-helpers-7.9p1-6.28.1.aarch64",
"product": {
"name": "openssh-helpers-7.9p1-6.28.1.aarch64",
"product_id": "openssh-helpers-7.9p1-6.28.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-7.9p1-6.28.1.i586",
"product": {
"name": "openssh-7.9p1-6.28.1.i586",
"product_id": "openssh-7.9p1-6.28.1.i586"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-7.9p1-6.28.1.i586",
"product": {
"name": "openssh-askpass-gnome-7.9p1-6.28.1.i586",
"product_id": "openssh-askpass-gnome-7.9p1-6.28.1.i586"
}
},
{
"category": "product_version",
"name": "openssh-cavs-7.9p1-6.28.1.i586",
"product": {
"name": "openssh-cavs-7.9p1-6.28.1.i586",
"product_id": "openssh-cavs-7.9p1-6.28.1.i586"
}
},
{
"category": "product_version",
"name": "openssh-fips-7.9p1-6.28.1.i586",
"product": {
"name": "openssh-fips-7.9p1-6.28.1.i586",
"product_id": "openssh-fips-7.9p1-6.28.1.i586"
}
},
{
"category": "product_version",
"name": "openssh-helpers-7.9p1-6.28.1.i586",
"product": {
"name": "openssh-helpers-7.9p1-6.28.1.i586",
"product_id": "openssh-helpers-7.9p1-6.28.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-7.9p1-6.28.1.ppc64le",
"product": {
"name": "openssh-7.9p1-6.28.1.ppc64le",
"product_id": "openssh-7.9p1-6.28.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-7.9p1-6.28.1.ppc64le",
"product": {
"name": "openssh-askpass-gnome-7.9p1-6.28.1.ppc64le",
"product_id": "openssh-askpass-gnome-7.9p1-6.28.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-cavs-7.9p1-6.28.1.ppc64le",
"product": {
"name": "openssh-cavs-7.9p1-6.28.1.ppc64le",
"product_id": "openssh-cavs-7.9p1-6.28.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-fips-7.9p1-6.28.1.ppc64le",
"product": {
"name": "openssh-fips-7.9p1-6.28.1.ppc64le",
"product_id": "openssh-fips-7.9p1-6.28.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-helpers-7.9p1-6.28.1.ppc64le",
"product": {
"name": "openssh-helpers-7.9p1-6.28.1.ppc64le",
"product_id": "openssh-helpers-7.9p1-6.28.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-7.9p1-6.28.1.s390x",
"product": {
"name": "openssh-7.9p1-6.28.1.s390x",
"product_id": "openssh-7.9p1-6.28.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-7.9p1-6.28.1.s390x",
"product": {
"name": "openssh-askpass-gnome-7.9p1-6.28.1.s390x",
"product_id": "openssh-askpass-gnome-7.9p1-6.28.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-cavs-7.9p1-6.28.1.s390x",
"product": {
"name": "openssh-cavs-7.9p1-6.28.1.s390x",
"product_id": "openssh-cavs-7.9p1-6.28.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-fips-7.9p1-6.28.1.s390x",
"product": {
"name": "openssh-fips-7.9p1-6.28.1.s390x",
"product_id": "openssh-fips-7.9p1-6.28.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-helpers-7.9p1-6.28.1.s390x",
"product": {
"name": "openssh-helpers-7.9p1-6.28.1.s390x",
"product_id": "openssh-helpers-7.9p1-6.28.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-7.9p1-6.28.1.x86_64",
"product": {
"name": "openssh-7.9p1-6.28.1.x86_64",
"product_id": "openssh-7.9p1-6.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-7.9p1-6.28.1.x86_64",
"product": {
"name": "openssh-askpass-gnome-7.9p1-6.28.1.x86_64",
"product_id": "openssh-askpass-gnome-7.9p1-6.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-cavs-7.9p1-6.28.1.x86_64",
"product": {
"name": "openssh-cavs-7.9p1-6.28.1.x86_64",
"product_id": "openssh-cavs-7.9p1-6.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-fips-7.9p1-6.28.1.x86_64",
"product": {
"name": "openssh-fips-7.9p1-6.28.1.x86_64",
"product_id": "openssh-fips-7.9p1-6.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-helpers-7.9p1-6.28.1.x86_64",
"product": {
"name": "openssh-helpers-7.9p1-6.28.1.x86_64",
"product_id": "openssh-helpers-7.9p1-6.28.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP1-BCL",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP1-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP1-BCL",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_bcl:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 6",
"product": {
"name": "SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.9p1-6.28.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:openssh-7.9p1-6.28.1.aarch64"
},
"product_reference": "openssh-7.9p1-6.28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.9p1-6.28.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:openssh-7.9p1-6.28.1.x86_64"
},
"product_reference": "openssh-7.9p1-6.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.9p1-6.28.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:openssh-askpass-gnome-7.9p1-6.28.1.aarch64"
},
"product_reference": "openssh-askpass-gnome-7.9p1-6.28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.9p1-6.28.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:openssh-askpass-gnome-7.9p1-6.28.1.x86_64"
},
"product_reference": "openssh-askpass-gnome-7.9p1-6.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.9p1-6.28.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:openssh-fips-7.9p1-6.28.1.aarch64"
},
"product_reference": "openssh-fips-7.9p1-6.28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.9p1-6.28.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:openssh-fips-7.9p1-6.28.1.x86_64"
},
"product_reference": "openssh-fips-7.9p1-6.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.9p1-6.28.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:openssh-helpers-7.9p1-6.28.1.aarch64"
},
"product_reference": "openssh-helpers-7.9p1-6.28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.9p1-6.28.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:openssh-helpers-7.9p1-6.28.1.x86_64"
},
"product_reference": "openssh-helpers-7.9p1-6.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.9p1-6.28.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:openssh-7.9p1-6.28.1.aarch64"
},
"product_reference": "openssh-7.9p1-6.28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.9p1-6.28.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:openssh-7.9p1-6.28.1.x86_64"
},
"product_reference": "openssh-7.9p1-6.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.9p1-6.28.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:openssh-askpass-gnome-7.9p1-6.28.1.aarch64"
},
"product_reference": "openssh-askpass-gnome-7.9p1-6.28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.9p1-6.28.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:openssh-askpass-gnome-7.9p1-6.28.1.x86_64"
},
"product_reference": "openssh-askpass-gnome-7.9p1-6.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.9p1-6.28.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:openssh-fips-7.9p1-6.28.1.aarch64"
},
"product_reference": "openssh-fips-7.9p1-6.28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.9p1-6.28.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:openssh-fips-7.9p1-6.28.1.x86_64"
},
"product_reference": "openssh-fips-7.9p1-6.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.9p1-6.28.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:openssh-helpers-7.9p1-6.28.1.aarch64"
},
"product_reference": "openssh-helpers-7.9p1-6.28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.9p1-6.28.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:openssh-helpers-7.9p1-6.28.1.x86_64"
},
"product_reference": "openssh-helpers-7.9p1-6.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.9p1-6.28.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP1-BCL:openssh-7.9p1-6.28.1.x86_64"
},
"product_reference": "openssh-7.9p1-6.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.9p1-6.28.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP1-BCL:openssh-askpass-gnome-7.9p1-6.28.1.x86_64"
},
"product_reference": "openssh-askpass-gnome-7.9p1-6.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.9p1-6.28.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP1-BCL:openssh-fips-7.9p1-6.28.1.x86_64"
},
"product_reference": "openssh-fips-7.9p1-6.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.9p1-6.28.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP1-BCL:openssh-helpers-7.9p1-6.28.1.x86_64"
},
"product_reference": "openssh-helpers-7.9p1-6.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.9p1-6.28.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-7.9p1-6.28.1.aarch64"
},
"product_reference": "openssh-7.9p1-6.28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.9p1-6.28.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-7.9p1-6.28.1.ppc64le"
},
"product_reference": "openssh-7.9p1-6.28.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.9p1-6.28.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-7.9p1-6.28.1.s390x"
},
"product_reference": "openssh-7.9p1-6.28.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.9p1-6.28.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-7.9p1-6.28.1.x86_64"
},
"product_reference": "openssh-7.9p1-6.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.9p1-6.28.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-askpass-gnome-7.9p1-6.28.1.aarch64"
},
"product_reference": "openssh-askpass-gnome-7.9p1-6.28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.9p1-6.28.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-askpass-gnome-7.9p1-6.28.1.ppc64le"
},
"product_reference": "openssh-askpass-gnome-7.9p1-6.28.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.9p1-6.28.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-askpass-gnome-7.9p1-6.28.1.s390x"
},
"product_reference": "openssh-askpass-gnome-7.9p1-6.28.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.9p1-6.28.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-askpass-gnome-7.9p1-6.28.1.x86_64"
},
"product_reference": "openssh-askpass-gnome-7.9p1-6.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.9p1-6.28.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-fips-7.9p1-6.28.1.aarch64"
},
"product_reference": "openssh-fips-7.9p1-6.28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.9p1-6.28.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-fips-7.9p1-6.28.1.ppc64le"
},
"product_reference": "openssh-fips-7.9p1-6.28.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.9p1-6.28.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-fips-7.9p1-6.28.1.s390x"
},
"product_reference": "openssh-fips-7.9p1-6.28.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.9p1-6.28.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-fips-7.9p1-6.28.1.x86_64"
},
"product_reference": "openssh-fips-7.9p1-6.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.9p1-6.28.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-helpers-7.9p1-6.28.1.aarch64"
},
"product_reference": "openssh-helpers-7.9p1-6.28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.9p1-6.28.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-helpers-7.9p1-6.28.1.ppc64le"
},
"product_reference": "openssh-helpers-7.9p1-6.28.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.9p1-6.28.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-helpers-7.9p1-6.28.1.s390x"
},
"product_reference": "openssh-helpers-7.9p1-6.28.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.9p1-6.28.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-helpers-7.9p1-6.28.1.x86_64"
},
"product_reference": "openssh-helpers-7.9p1-6.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.9p1-6.28.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:openssh-7.9p1-6.28.1.ppc64le"
},
"product_reference": "openssh-7.9p1-6.28.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.9p1-6.28.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:openssh-7.9p1-6.28.1.x86_64"
},
"product_reference": "openssh-7.9p1-6.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.9p1-6.28.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:openssh-askpass-gnome-7.9p1-6.28.1.ppc64le"
},
"product_reference": "openssh-askpass-gnome-7.9p1-6.28.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.9p1-6.28.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:openssh-askpass-gnome-7.9p1-6.28.1.x86_64"
},
"product_reference": "openssh-askpass-gnome-7.9p1-6.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.9p1-6.28.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:openssh-fips-7.9p1-6.28.1.ppc64le"
},
"product_reference": "openssh-fips-7.9p1-6.28.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.9p1-6.28.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:openssh-fips-7.9p1-6.28.1.x86_64"
},
"product_reference": "openssh-fips-7.9p1-6.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.9p1-6.28.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:openssh-helpers-7.9p1-6.28.1.ppc64le"
},
"product_reference": "openssh-helpers-7.9p1-6.28.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.9p1-6.28.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:openssh-helpers-7.9p1-6.28.1.x86_64"
},
"product_reference": "openssh-helpers-7.9p1-6.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.9p1-6.28.1.aarch64 as component of SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6:openssh-7.9p1-6.28.1.aarch64"
},
"product_reference": "openssh-7.9p1-6.28.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.9p1-6.28.1.x86_64 as component of SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6:openssh-7.9p1-6.28.1.x86_64"
},
"product_reference": "openssh-7.9p1-6.28.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.9p1-6.28.1.aarch64 as component of SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6:openssh-askpass-gnome-7.9p1-6.28.1.aarch64"
},
"product_reference": "openssh-askpass-gnome-7.9p1-6.28.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.9p1-6.28.1.x86_64 as component of SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6:openssh-askpass-gnome-7.9p1-6.28.1.x86_64"
},
"product_reference": "openssh-askpass-gnome-7.9p1-6.28.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.9p1-6.28.1.aarch64 as component of SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6:openssh-fips-7.9p1-6.28.1.aarch64"
},
"product_reference": "openssh-fips-7.9p1-6.28.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.9p1-6.28.1.x86_64 as component of SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6:openssh-fips-7.9p1-6.28.1.x86_64"
},
"product_reference": "openssh-fips-7.9p1-6.28.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.9p1-6.28.1.aarch64 as component of SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6:openssh-helpers-7.9p1-6.28.1.aarch64"
},
"product_reference": "openssh-helpers-7.9p1-6.28.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.9p1-6.28.1.x86_64 as component of SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6:openssh-helpers-7.9p1-6.28.1.x86_64"
},
"product_reference": "openssh-helpers-7.9p1-6.28.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-41617",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-41617"
}
],
"notes": [
{
"category": "general",
"text": "sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 6:openssh-7.9p1-6.28.1.aarch64",
"SUSE Enterprise Storage 6:openssh-7.9p1-6.28.1.x86_64",
"SUSE Enterprise Storage 6:openssh-askpass-gnome-7.9p1-6.28.1.aarch64",
"SUSE Enterprise Storage 6:openssh-askpass-gnome-7.9p1-6.28.1.x86_64",
"SUSE Enterprise Storage 6:openssh-fips-7.9p1-6.28.1.aarch64",
"SUSE Enterprise Storage 6:openssh-fips-7.9p1-6.28.1.x86_64",
"SUSE Enterprise Storage 6:openssh-helpers-7.9p1-6.28.1.aarch64",
"SUSE Enterprise Storage 6:openssh-helpers-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:openssh-7.9p1-6.28.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:openssh-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:openssh-askpass-gnome-7.9p1-6.28.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:openssh-askpass-gnome-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:openssh-fips-7.9p1-6.28.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:openssh-fips-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:openssh-helpers-7.9p1-6.28.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:openssh-helpers-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:openssh-7.9p1-6.28.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:openssh-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:openssh-askpass-gnome-7.9p1-6.28.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:openssh-askpass-gnome-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:openssh-fips-7.9p1-6.28.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:openssh-fips-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:openssh-helpers-7.9p1-6.28.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:openssh-helpers-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:openssh-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:openssh-askpass-gnome-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:openssh-fips-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:openssh-helpers-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-7.9p1-6.28.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-7.9p1-6.28.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-7.9p1-6.28.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-askpass-gnome-7.9p1-6.28.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-askpass-gnome-7.9p1-6.28.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-askpass-gnome-7.9p1-6.28.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-askpass-gnome-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-fips-7.9p1-6.28.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-fips-7.9p1-6.28.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-fips-7.9p1-6.28.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-fips-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-helpers-7.9p1-6.28.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-helpers-7.9p1-6.28.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-helpers-7.9p1-6.28.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-helpers-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:openssh-7.9p1-6.28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:openssh-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:openssh-askpass-gnome-7.9p1-6.28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:openssh-askpass-gnome-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:openssh-fips-7.9p1-6.28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:openssh-fips-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:openssh-helpers-7.9p1-6.28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:openssh-helpers-7.9p1-6.28.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-41617",
"url": "https://www.suse.com/security/cve/CVE-2021-41617"
},
{
"category": "external",
"summary": "SUSE Bug 1190975 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1190975"
},
{
"category": "external",
"summary": "SUSE Bug 1193497 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1193497"
},
{
"category": "external",
"summary": "SUSE Bug 1196721 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1196721"
},
{
"category": "external",
"summary": "SUSE Bug 1200782 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1200782"
},
{
"category": "external",
"summary": "SUSE Bug 1205056 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1205056"
},
{
"category": "external",
"summary": "SUSE Bug 1212247 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1212247"
},
{
"category": "external",
"summary": "SUSE Bug 1212281 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1212281"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 6:openssh-7.9p1-6.28.1.aarch64",
"SUSE Enterprise Storage 6:openssh-7.9p1-6.28.1.x86_64",
"SUSE Enterprise Storage 6:openssh-askpass-gnome-7.9p1-6.28.1.aarch64",
"SUSE Enterprise Storage 6:openssh-askpass-gnome-7.9p1-6.28.1.x86_64",
"SUSE Enterprise Storage 6:openssh-fips-7.9p1-6.28.1.aarch64",
"SUSE Enterprise Storage 6:openssh-fips-7.9p1-6.28.1.x86_64",
"SUSE Enterprise Storage 6:openssh-helpers-7.9p1-6.28.1.aarch64",
"SUSE Enterprise Storage 6:openssh-helpers-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:openssh-7.9p1-6.28.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:openssh-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:openssh-askpass-gnome-7.9p1-6.28.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:openssh-askpass-gnome-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:openssh-fips-7.9p1-6.28.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:openssh-fips-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:openssh-helpers-7.9p1-6.28.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:openssh-helpers-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:openssh-7.9p1-6.28.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:openssh-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:openssh-askpass-gnome-7.9p1-6.28.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:openssh-askpass-gnome-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:openssh-fips-7.9p1-6.28.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:openssh-fips-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:openssh-helpers-7.9p1-6.28.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:openssh-helpers-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:openssh-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:openssh-askpass-gnome-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:openssh-fips-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:openssh-helpers-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-7.9p1-6.28.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-7.9p1-6.28.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-7.9p1-6.28.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-askpass-gnome-7.9p1-6.28.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-askpass-gnome-7.9p1-6.28.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-askpass-gnome-7.9p1-6.28.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-askpass-gnome-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-fips-7.9p1-6.28.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-fips-7.9p1-6.28.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-fips-7.9p1-6.28.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-fips-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-helpers-7.9p1-6.28.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-helpers-7.9p1-6.28.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-helpers-7.9p1-6.28.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-helpers-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:openssh-7.9p1-6.28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:openssh-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:openssh-askpass-gnome-7.9p1-6.28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:openssh-askpass-gnome-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:openssh-fips-7.9p1-6.28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:openssh-fips-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:openssh-helpers-7.9p1-6.28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:openssh-helpers-7.9p1-6.28.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 6:openssh-7.9p1-6.28.1.aarch64",
"SUSE Enterprise Storage 6:openssh-7.9p1-6.28.1.x86_64",
"SUSE Enterprise Storage 6:openssh-askpass-gnome-7.9p1-6.28.1.aarch64",
"SUSE Enterprise Storage 6:openssh-askpass-gnome-7.9p1-6.28.1.x86_64",
"SUSE Enterprise Storage 6:openssh-fips-7.9p1-6.28.1.aarch64",
"SUSE Enterprise Storage 6:openssh-fips-7.9p1-6.28.1.x86_64",
"SUSE Enterprise Storage 6:openssh-helpers-7.9p1-6.28.1.aarch64",
"SUSE Enterprise Storage 6:openssh-helpers-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:openssh-7.9p1-6.28.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:openssh-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:openssh-askpass-gnome-7.9p1-6.28.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:openssh-askpass-gnome-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:openssh-fips-7.9p1-6.28.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:openssh-fips-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:openssh-helpers-7.9p1-6.28.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:openssh-helpers-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:openssh-7.9p1-6.28.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:openssh-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:openssh-askpass-gnome-7.9p1-6.28.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:openssh-askpass-gnome-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:openssh-fips-7.9p1-6.28.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:openssh-fips-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:openssh-helpers-7.9p1-6.28.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:openssh-helpers-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:openssh-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:openssh-askpass-gnome-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:openssh-fips-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:openssh-helpers-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-7.9p1-6.28.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-7.9p1-6.28.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-7.9p1-6.28.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-askpass-gnome-7.9p1-6.28.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-askpass-gnome-7.9p1-6.28.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-askpass-gnome-7.9p1-6.28.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-askpass-gnome-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-fips-7.9p1-6.28.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-fips-7.9p1-6.28.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-fips-7.9p1-6.28.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-fips-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-helpers-7.9p1-6.28.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-helpers-7.9p1-6.28.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-helpers-7.9p1-6.28.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:openssh-helpers-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:openssh-7.9p1-6.28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:openssh-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:openssh-askpass-gnome-7.9p1-6.28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:openssh-askpass-gnome-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:openssh-fips-7.9p1-6.28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:openssh-fips-7.9p1-6.28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:openssh-helpers-7.9p1-6.28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:openssh-helpers-7.9p1-6.28.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-12-06T13:58:18Z",
"details": "important"
}
],
"title": "CVE-2021-41617"
}
]
}
SUSE-SU-2021:3875-1
Vulnerability from csaf_suse - Published: 2021-12-02 07:19 - Updated: 2021-12-02 07:19Summary
Security update for openssh
Notes
Title of the patch
Security update for openssh
Description of the patch
This update for openssh fixes the following issues:
- CVE-2021-41617: Fixed privilege escalation when AuthorizedKeysCommand/AuthorizedPrincipalsCommand are configured (bsc#1190975).
Patchnames
SUSE-2021-3875,SUSE-OpenStack-Cloud-9-2021-3875,SUSE-OpenStack-Cloud-Crowbar-9-2021-3875,SUSE-SLE-SAP-12-SP4-2021-3875,SUSE-SLE-SERVER-12-SP4-LTSS-2021-3875,SUSE-SLE-SERVER-12-SP5-2021-3875
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for openssh",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for openssh fixes the following issues:\n\n- CVE-2021-41617: Fixed privilege escalation when AuthorizedKeysCommand/AuthorizedPrincipalsCommand are configured (bsc#1190975).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2021-3875,SUSE-OpenStack-Cloud-9-2021-3875,SUSE-OpenStack-Cloud-Crowbar-9-2021-3875,SUSE-SLE-SAP-12-SP4-2021-3875,SUSE-SLE-SERVER-12-SP4-LTSS-2021-3875,SUSE-SLE-SERVER-12-SP5-2021-3875",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_3875-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2021:3875-1",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20213875-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2021:3875-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-December/009814.html"
},
{
"category": "self",
"summary": "SUSE Bug 1190975",
"url": "https://bugzilla.suse.com/1190975"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-41617 page",
"url": "https://www.suse.com/security/cve/CVE-2021-41617/"
}
],
"title": "Security update for openssh",
"tracking": {
"current_release_date": "2021-12-02T07:19:04Z",
"generator": {
"date": "2021-12-02T07:19:04Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2021:3875-1",
"initial_release_date": "2021-12-02T07:19:04Z",
"revision_history": [
{
"date": "2021-12-02T07:19:04Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "openssh-7.2p2-78.13.1.aarch64",
"product": {
"name": "openssh-7.2p2-78.13.1.aarch64",
"product_id": "openssh-7.2p2-78.13.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-7.2p2-78.13.1.aarch64",
"product": {
"name": "openssh-askpass-gnome-7.2p2-78.13.1.aarch64",
"product_id": "openssh-askpass-gnome-7.2p2-78.13.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-cavs-7.2p2-78.13.1.aarch64",
"product": {
"name": "openssh-cavs-7.2p2-78.13.1.aarch64",
"product_id": "openssh-cavs-7.2p2-78.13.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-fips-7.2p2-78.13.1.aarch64",
"product": {
"name": "openssh-fips-7.2p2-78.13.1.aarch64",
"product_id": "openssh-fips-7.2p2-78.13.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-helpers-7.2p2-78.13.1.aarch64",
"product": {
"name": "openssh-helpers-7.2p2-78.13.1.aarch64",
"product_id": "openssh-helpers-7.2p2-78.13.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-7.2p2-78.13.1.i586",
"product": {
"name": "openssh-7.2p2-78.13.1.i586",
"product_id": "openssh-7.2p2-78.13.1.i586"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-7.2p2-78.13.1.i586",
"product": {
"name": "openssh-askpass-gnome-7.2p2-78.13.1.i586",
"product_id": "openssh-askpass-gnome-7.2p2-78.13.1.i586"
}
},
{
"category": "product_version",
"name": "openssh-cavs-7.2p2-78.13.1.i586",
"product": {
"name": "openssh-cavs-7.2p2-78.13.1.i586",
"product_id": "openssh-cavs-7.2p2-78.13.1.i586"
}
},
{
"category": "product_version",
"name": "openssh-fips-7.2p2-78.13.1.i586",
"product": {
"name": "openssh-fips-7.2p2-78.13.1.i586",
"product_id": "openssh-fips-7.2p2-78.13.1.i586"
}
},
{
"category": "product_version",
"name": "openssh-helpers-7.2p2-78.13.1.i586",
"product": {
"name": "openssh-helpers-7.2p2-78.13.1.i586",
"product_id": "openssh-helpers-7.2p2-78.13.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-7.2p2-78.13.1.ppc64le",
"product": {
"name": "openssh-7.2p2-78.13.1.ppc64le",
"product_id": "openssh-7.2p2-78.13.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-7.2p2-78.13.1.ppc64le",
"product": {
"name": "openssh-askpass-gnome-7.2p2-78.13.1.ppc64le",
"product_id": "openssh-askpass-gnome-7.2p2-78.13.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-cavs-7.2p2-78.13.1.ppc64le",
"product": {
"name": "openssh-cavs-7.2p2-78.13.1.ppc64le",
"product_id": "openssh-cavs-7.2p2-78.13.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-fips-7.2p2-78.13.1.ppc64le",
"product": {
"name": "openssh-fips-7.2p2-78.13.1.ppc64le",
"product_id": "openssh-fips-7.2p2-78.13.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-helpers-7.2p2-78.13.1.ppc64le",
"product": {
"name": "openssh-helpers-7.2p2-78.13.1.ppc64le",
"product_id": "openssh-helpers-7.2p2-78.13.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-7.2p2-78.13.1.s390",
"product": {
"name": "openssh-7.2p2-78.13.1.s390",
"product_id": "openssh-7.2p2-78.13.1.s390"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-7.2p2-78.13.1.s390",
"product": {
"name": "openssh-askpass-gnome-7.2p2-78.13.1.s390",
"product_id": "openssh-askpass-gnome-7.2p2-78.13.1.s390"
}
},
{
"category": "product_version",
"name": "openssh-cavs-7.2p2-78.13.1.s390",
"product": {
"name": "openssh-cavs-7.2p2-78.13.1.s390",
"product_id": "openssh-cavs-7.2p2-78.13.1.s390"
}
},
{
"category": "product_version",
"name": "openssh-fips-7.2p2-78.13.1.s390",
"product": {
"name": "openssh-fips-7.2p2-78.13.1.s390",
"product_id": "openssh-fips-7.2p2-78.13.1.s390"
}
},
{
"category": "product_version",
"name": "openssh-helpers-7.2p2-78.13.1.s390",
"product": {
"name": "openssh-helpers-7.2p2-78.13.1.s390",
"product_id": "openssh-helpers-7.2p2-78.13.1.s390"
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-7.2p2-78.13.1.s390x",
"product": {
"name": "openssh-7.2p2-78.13.1.s390x",
"product_id": "openssh-7.2p2-78.13.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-7.2p2-78.13.1.s390x",
"product": {
"name": "openssh-askpass-gnome-7.2p2-78.13.1.s390x",
"product_id": "openssh-askpass-gnome-7.2p2-78.13.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-cavs-7.2p2-78.13.1.s390x",
"product": {
"name": "openssh-cavs-7.2p2-78.13.1.s390x",
"product_id": "openssh-cavs-7.2p2-78.13.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-fips-7.2p2-78.13.1.s390x",
"product": {
"name": "openssh-fips-7.2p2-78.13.1.s390x",
"product_id": "openssh-fips-7.2p2-78.13.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-helpers-7.2p2-78.13.1.s390x",
"product": {
"name": "openssh-helpers-7.2p2-78.13.1.s390x",
"product_id": "openssh-helpers-7.2p2-78.13.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-7.2p2-78.13.1.x86_64",
"product": {
"name": "openssh-7.2p2-78.13.1.x86_64",
"product_id": "openssh-7.2p2-78.13.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-7.2p2-78.13.1.x86_64",
"product": {
"name": "openssh-askpass-gnome-7.2p2-78.13.1.x86_64",
"product_id": "openssh-askpass-gnome-7.2p2-78.13.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-cavs-7.2p2-78.13.1.x86_64",
"product": {
"name": "openssh-cavs-7.2p2-78.13.1.x86_64",
"product_id": "openssh-cavs-7.2p2-78.13.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-fips-7.2p2-78.13.1.x86_64",
"product": {
"name": "openssh-fips-7.2p2-78.13.1.x86_64",
"product_id": "openssh-fips-7.2p2-78.13.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-helpers-7.2p2-78.13.1.x86_64",
"product": {
"name": "openssh-helpers-7.2p2-78.13.1.x86_64",
"product_id": "openssh-helpers-7.2p2-78.13.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE OpenStack Cloud 9",
"product": {
"name": "SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud:9"
}
}
},
{
"category": "product_name",
"name": "SUSE OpenStack Cloud Crowbar 9",
"product": {
"name": "SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud-crowbar:9"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.2p2-78.13.1.x86_64 as component of SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9:openssh-7.2p2-78.13.1.x86_64"
},
"product_reference": "openssh-7.2p2-78.13.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.2p2-78.13.1.x86_64 as component of SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9:openssh-askpass-gnome-7.2p2-78.13.1.x86_64"
},
"product_reference": "openssh-askpass-gnome-7.2p2-78.13.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.2p2-78.13.1.x86_64 as component of SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9:openssh-fips-7.2p2-78.13.1.x86_64"
},
"product_reference": "openssh-fips-7.2p2-78.13.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.2p2-78.13.1.x86_64 as component of SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9:openssh-helpers-7.2p2-78.13.1.x86_64"
},
"product_reference": "openssh-helpers-7.2p2-78.13.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.2p2-78.13.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9:openssh-7.2p2-78.13.1.x86_64"
},
"product_reference": "openssh-7.2p2-78.13.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.2p2-78.13.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9:openssh-askpass-gnome-7.2p2-78.13.1.x86_64"
},
"product_reference": "openssh-askpass-gnome-7.2p2-78.13.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.2p2-78.13.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9:openssh-fips-7.2p2-78.13.1.x86_64"
},
"product_reference": "openssh-fips-7.2p2-78.13.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.2p2-78.13.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9:openssh-helpers-7.2p2-78.13.1.x86_64"
},
"product_reference": "openssh-helpers-7.2p2-78.13.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.2p2-78.13.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:openssh-7.2p2-78.13.1.ppc64le"
},
"product_reference": "openssh-7.2p2-78.13.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.2p2-78.13.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:openssh-7.2p2-78.13.1.x86_64"
},
"product_reference": "openssh-7.2p2-78.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.2p2-78.13.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:openssh-askpass-gnome-7.2p2-78.13.1.ppc64le"
},
"product_reference": "openssh-askpass-gnome-7.2p2-78.13.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.2p2-78.13.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:openssh-askpass-gnome-7.2p2-78.13.1.x86_64"
},
"product_reference": "openssh-askpass-gnome-7.2p2-78.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.2p2-78.13.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:openssh-fips-7.2p2-78.13.1.ppc64le"
},
"product_reference": "openssh-fips-7.2p2-78.13.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.2p2-78.13.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:openssh-fips-7.2p2-78.13.1.x86_64"
},
"product_reference": "openssh-fips-7.2p2-78.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.2p2-78.13.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:openssh-helpers-7.2p2-78.13.1.ppc64le"
},
"product_reference": "openssh-helpers-7.2p2-78.13.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.2p2-78.13.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:openssh-helpers-7.2p2-78.13.1.x86_64"
},
"product_reference": "openssh-helpers-7.2p2-78.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.2p2-78.13.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-7.2p2-78.13.1.aarch64"
},
"product_reference": "openssh-7.2p2-78.13.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.2p2-78.13.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-7.2p2-78.13.1.ppc64le"
},
"product_reference": "openssh-7.2p2-78.13.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.2p2-78.13.1.s390x as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-7.2p2-78.13.1.s390x"
},
"product_reference": "openssh-7.2p2-78.13.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.2p2-78.13.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-7.2p2-78.13.1.x86_64"
},
"product_reference": "openssh-7.2p2-78.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.2p2-78.13.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-askpass-gnome-7.2p2-78.13.1.aarch64"
},
"product_reference": "openssh-askpass-gnome-7.2p2-78.13.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.2p2-78.13.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-askpass-gnome-7.2p2-78.13.1.ppc64le"
},
"product_reference": "openssh-askpass-gnome-7.2p2-78.13.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.2p2-78.13.1.s390x as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-askpass-gnome-7.2p2-78.13.1.s390x"
},
"product_reference": "openssh-askpass-gnome-7.2p2-78.13.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.2p2-78.13.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-askpass-gnome-7.2p2-78.13.1.x86_64"
},
"product_reference": "openssh-askpass-gnome-7.2p2-78.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.2p2-78.13.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-fips-7.2p2-78.13.1.aarch64"
},
"product_reference": "openssh-fips-7.2p2-78.13.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.2p2-78.13.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-fips-7.2p2-78.13.1.ppc64le"
},
"product_reference": "openssh-fips-7.2p2-78.13.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.2p2-78.13.1.s390x as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-fips-7.2p2-78.13.1.s390x"
},
"product_reference": "openssh-fips-7.2p2-78.13.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.2p2-78.13.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-fips-7.2p2-78.13.1.x86_64"
},
"product_reference": "openssh-fips-7.2p2-78.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.2p2-78.13.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-helpers-7.2p2-78.13.1.aarch64"
},
"product_reference": "openssh-helpers-7.2p2-78.13.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.2p2-78.13.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-helpers-7.2p2-78.13.1.ppc64le"
},
"product_reference": "openssh-helpers-7.2p2-78.13.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.2p2-78.13.1.s390x as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-helpers-7.2p2-78.13.1.s390x"
},
"product_reference": "openssh-helpers-7.2p2-78.13.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.2p2-78.13.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-helpers-7.2p2-78.13.1.x86_64"
},
"product_reference": "openssh-helpers-7.2p2-78.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.2p2-78.13.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:openssh-7.2p2-78.13.1.aarch64"
},
"product_reference": "openssh-7.2p2-78.13.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.2p2-78.13.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:openssh-7.2p2-78.13.1.ppc64le"
},
"product_reference": "openssh-7.2p2-78.13.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.2p2-78.13.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:openssh-7.2p2-78.13.1.s390x"
},
"product_reference": "openssh-7.2p2-78.13.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.2p2-78.13.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:openssh-7.2p2-78.13.1.x86_64"
},
"product_reference": "openssh-7.2p2-78.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.2p2-78.13.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:openssh-askpass-gnome-7.2p2-78.13.1.aarch64"
},
"product_reference": "openssh-askpass-gnome-7.2p2-78.13.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.2p2-78.13.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:openssh-askpass-gnome-7.2p2-78.13.1.ppc64le"
},
"product_reference": "openssh-askpass-gnome-7.2p2-78.13.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.2p2-78.13.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:openssh-askpass-gnome-7.2p2-78.13.1.s390x"
},
"product_reference": "openssh-askpass-gnome-7.2p2-78.13.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.2p2-78.13.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:openssh-askpass-gnome-7.2p2-78.13.1.x86_64"
},
"product_reference": "openssh-askpass-gnome-7.2p2-78.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.2p2-78.13.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:openssh-fips-7.2p2-78.13.1.aarch64"
},
"product_reference": "openssh-fips-7.2p2-78.13.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.2p2-78.13.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:openssh-fips-7.2p2-78.13.1.ppc64le"
},
"product_reference": "openssh-fips-7.2p2-78.13.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.2p2-78.13.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:openssh-fips-7.2p2-78.13.1.s390x"
},
"product_reference": "openssh-fips-7.2p2-78.13.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.2p2-78.13.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:openssh-fips-7.2p2-78.13.1.x86_64"
},
"product_reference": "openssh-fips-7.2p2-78.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.2p2-78.13.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:openssh-helpers-7.2p2-78.13.1.aarch64"
},
"product_reference": "openssh-helpers-7.2p2-78.13.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.2p2-78.13.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:openssh-helpers-7.2p2-78.13.1.ppc64le"
},
"product_reference": "openssh-helpers-7.2p2-78.13.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.2p2-78.13.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:openssh-helpers-7.2p2-78.13.1.s390x"
},
"product_reference": "openssh-helpers-7.2p2-78.13.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.2p2-78.13.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:openssh-helpers-7.2p2-78.13.1.x86_64"
},
"product_reference": "openssh-helpers-7.2p2-78.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.2p2-78.13.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-7.2p2-78.13.1.aarch64"
},
"product_reference": "openssh-7.2p2-78.13.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.2p2-78.13.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-7.2p2-78.13.1.ppc64le"
},
"product_reference": "openssh-7.2p2-78.13.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.2p2-78.13.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-7.2p2-78.13.1.s390x"
},
"product_reference": "openssh-7.2p2-78.13.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.2p2-78.13.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-7.2p2-78.13.1.x86_64"
},
"product_reference": "openssh-7.2p2-78.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.2p2-78.13.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-askpass-gnome-7.2p2-78.13.1.aarch64"
},
"product_reference": "openssh-askpass-gnome-7.2p2-78.13.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.2p2-78.13.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-askpass-gnome-7.2p2-78.13.1.ppc64le"
},
"product_reference": "openssh-askpass-gnome-7.2p2-78.13.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.2p2-78.13.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-askpass-gnome-7.2p2-78.13.1.s390x"
},
"product_reference": "openssh-askpass-gnome-7.2p2-78.13.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.2p2-78.13.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-askpass-gnome-7.2p2-78.13.1.x86_64"
},
"product_reference": "openssh-askpass-gnome-7.2p2-78.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.2p2-78.13.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-fips-7.2p2-78.13.1.aarch64"
},
"product_reference": "openssh-fips-7.2p2-78.13.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.2p2-78.13.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-fips-7.2p2-78.13.1.ppc64le"
},
"product_reference": "openssh-fips-7.2p2-78.13.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.2p2-78.13.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-fips-7.2p2-78.13.1.s390x"
},
"product_reference": "openssh-fips-7.2p2-78.13.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.2p2-78.13.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-fips-7.2p2-78.13.1.x86_64"
},
"product_reference": "openssh-fips-7.2p2-78.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.2p2-78.13.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-helpers-7.2p2-78.13.1.aarch64"
},
"product_reference": "openssh-helpers-7.2p2-78.13.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.2p2-78.13.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-helpers-7.2p2-78.13.1.ppc64le"
},
"product_reference": "openssh-helpers-7.2p2-78.13.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.2p2-78.13.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-helpers-7.2p2-78.13.1.s390x"
},
"product_reference": "openssh-helpers-7.2p2-78.13.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.2p2-78.13.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-helpers-7.2p2-78.13.1.x86_64"
},
"product_reference": "openssh-helpers-7.2p2-78.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-41617",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-41617"
}
],
"notes": [
{
"category": "general",
"text": "sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-7.2p2-78.13.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-7.2p2-78.13.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-7.2p2-78.13.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-7.2p2-78.13.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-askpass-gnome-7.2p2-78.13.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-askpass-gnome-7.2p2-78.13.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-askpass-gnome-7.2p2-78.13.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-askpass-gnome-7.2p2-78.13.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-fips-7.2p2-78.13.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-fips-7.2p2-78.13.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-fips-7.2p2-78.13.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-fips-7.2p2-78.13.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-helpers-7.2p2-78.13.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-helpers-7.2p2-78.13.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-helpers-7.2p2-78.13.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-helpers-7.2p2-78.13.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssh-7.2p2-78.13.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:openssh-7.2p2-78.13.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:openssh-7.2p2-78.13.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:openssh-7.2p2-78.13.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssh-askpass-gnome-7.2p2-78.13.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:openssh-askpass-gnome-7.2p2-78.13.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:openssh-askpass-gnome-7.2p2-78.13.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:openssh-askpass-gnome-7.2p2-78.13.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssh-fips-7.2p2-78.13.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:openssh-fips-7.2p2-78.13.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:openssh-fips-7.2p2-78.13.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:openssh-fips-7.2p2-78.13.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssh-helpers-7.2p2-78.13.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:openssh-helpers-7.2p2-78.13.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:openssh-helpers-7.2p2-78.13.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:openssh-helpers-7.2p2-78.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:openssh-7.2p2-78.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:openssh-7.2p2-78.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:openssh-askpass-gnome-7.2p2-78.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:openssh-askpass-gnome-7.2p2-78.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:openssh-fips-7.2p2-78.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:openssh-fips-7.2p2-78.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:openssh-helpers-7.2p2-78.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:openssh-helpers-7.2p2-78.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-7.2p2-78.13.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-7.2p2-78.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-7.2p2-78.13.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-7.2p2-78.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-askpass-gnome-7.2p2-78.13.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-askpass-gnome-7.2p2-78.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-askpass-gnome-7.2p2-78.13.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-askpass-gnome-7.2p2-78.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-fips-7.2p2-78.13.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-fips-7.2p2-78.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-fips-7.2p2-78.13.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-fips-7.2p2-78.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-helpers-7.2p2-78.13.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-helpers-7.2p2-78.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-helpers-7.2p2-78.13.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-helpers-7.2p2-78.13.1.x86_64",
"SUSE OpenStack Cloud 9:openssh-7.2p2-78.13.1.x86_64",
"SUSE OpenStack Cloud 9:openssh-askpass-gnome-7.2p2-78.13.1.x86_64",
"SUSE OpenStack Cloud 9:openssh-fips-7.2p2-78.13.1.x86_64",
"SUSE OpenStack Cloud 9:openssh-helpers-7.2p2-78.13.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:openssh-7.2p2-78.13.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:openssh-askpass-gnome-7.2p2-78.13.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:openssh-fips-7.2p2-78.13.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:openssh-helpers-7.2p2-78.13.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-41617",
"url": "https://www.suse.com/security/cve/CVE-2021-41617"
},
{
"category": "external",
"summary": "SUSE Bug 1190975 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1190975"
},
{
"category": "external",
"summary": "SUSE Bug 1193497 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1193497"
},
{
"category": "external",
"summary": "SUSE Bug 1196721 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1196721"
},
{
"category": "external",
"summary": "SUSE Bug 1200782 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1200782"
},
{
"category": "external",
"summary": "SUSE Bug 1205056 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1205056"
},
{
"category": "external",
"summary": "SUSE Bug 1212247 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1212247"
},
{
"category": "external",
"summary": "SUSE Bug 1212281 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1212281"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-7.2p2-78.13.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-7.2p2-78.13.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-7.2p2-78.13.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-7.2p2-78.13.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-askpass-gnome-7.2p2-78.13.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-askpass-gnome-7.2p2-78.13.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-askpass-gnome-7.2p2-78.13.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-askpass-gnome-7.2p2-78.13.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-fips-7.2p2-78.13.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-fips-7.2p2-78.13.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-fips-7.2p2-78.13.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-fips-7.2p2-78.13.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-helpers-7.2p2-78.13.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-helpers-7.2p2-78.13.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-helpers-7.2p2-78.13.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-helpers-7.2p2-78.13.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssh-7.2p2-78.13.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:openssh-7.2p2-78.13.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:openssh-7.2p2-78.13.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:openssh-7.2p2-78.13.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssh-askpass-gnome-7.2p2-78.13.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:openssh-askpass-gnome-7.2p2-78.13.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:openssh-askpass-gnome-7.2p2-78.13.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:openssh-askpass-gnome-7.2p2-78.13.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssh-fips-7.2p2-78.13.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:openssh-fips-7.2p2-78.13.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:openssh-fips-7.2p2-78.13.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:openssh-fips-7.2p2-78.13.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssh-helpers-7.2p2-78.13.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:openssh-helpers-7.2p2-78.13.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:openssh-helpers-7.2p2-78.13.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:openssh-helpers-7.2p2-78.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:openssh-7.2p2-78.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:openssh-7.2p2-78.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:openssh-askpass-gnome-7.2p2-78.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:openssh-askpass-gnome-7.2p2-78.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:openssh-fips-7.2p2-78.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:openssh-fips-7.2p2-78.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:openssh-helpers-7.2p2-78.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:openssh-helpers-7.2p2-78.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-7.2p2-78.13.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-7.2p2-78.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-7.2p2-78.13.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-7.2p2-78.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-askpass-gnome-7.2p2-78.13.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-askpass-gnome-7.2p2-78.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-askpass-gnome-7.2p2-78.13.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-askpass-gnome-7.2p2-78.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-fips-7.2p2-78.13.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-fips-7.2p2-78.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-fips-7.2p2-78.13.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-fips-7.2p2-78.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-helpers-7.2p2-78.13.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-helpers-7.2p2-78.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-helpers-7.2p2-78.13.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-helpers-7.2p2-78.13.1.x86_64",
"SUSE OpenStack Cloud 9:openssh-7.2p2-78.13.1.x86_64",
"SUSE OpenStack Cloud 9:openssh-askpass-gnome-7.2p2-78.13.1.x86_64",
"SUSE OpenStack Cloud 9:openssh-fips-7.2p2-78.13.1.x86_64",
"SUSE OpenStack Cloud 9:openssh-helpers-7.2p2-78.13.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:openssh-7.2p2-78.13.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:openssh-askpass-gnome-7.2p2-78.13.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:openssh-fips-7.2p2-78.13.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:openssh-helpers-7.2p2-78.13.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-7.2p2-78.13.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-7.2p2-78.13.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-7.2p2-78.13.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-7.2p2-78.13.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-askpass-gnome-7.2p2-78.13.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-askpass-gnome-7.2p2-78.13.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-askpass-gnome-7.2p2-78.13.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-askpass-gnome-7.2p2-78.13.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-fips-7.2p2-78.13.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-fips-7.2p2-78.13.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-fips-7.2p2-78.13.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-fips-7.2p2-78.13.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-helpers-7.2p2-78.13.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-helpers-7.2p2-78.13.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-helpers-7.2p2-78.13.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:openssh-helpers-7.2p2-78.13.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssh-7.2p2-78.13.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:openssh-7.2p2-78.13.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:openssh-7.2p2-78.13.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:openssh-7.2p2-78.13.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssh-askpass-gnome-7.2p2-78.13.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:openssh-askpass-gnome-7.2p2-78.13.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:openssh-askpass-gnome-7.2p2-78.13.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:openssh-askpass-gnome-7.2p2-78.13.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssh-fips-7.2p2-78.13.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:openssh-fips-7.2p2-78.13.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:openssh-fips-7.2p2-78.13.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:openssh-fips-7.2p2-78.13.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssh-helpers-7.2p2-78.13.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:openssh-helpers-7.2p2-78.13.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:openssh-helpers-7.2p2-78.13.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:openssh-helpers-7.2p2-78.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:openssh-7.2p2-78.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:openssh-7.2p2-78.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:openssh-askpass-gnome-7.2p2-78.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:openssh-askpass-gnome-7.2p2-78.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:openssh-fips-7.2p2-78.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:openssh-fips-7.2p2-78.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:openssh-helpers-7.2p2-78.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:openssh-helpers-7.2p2-78.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-7.2p2-78.13.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-7.2p2-78.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-7.2p2-78.13.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-7.2p2-78.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-askpass-gnome-7.2p2-78.13.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-askpass-gnome-7.2p2-78.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-askpass-gnome-7.2p2-78.13.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-askpass-gnome-7.2p2-78.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-fips-7.2p2-78.13.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-fips-7.2p2-78.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-fips-7.2p2-78.13.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-fips-7.2p2-78.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-helpers-7.2p2-78.13.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-helpers-7.2p2-78.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-helpers-7.2p2-78.13.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-helpers-7.2p2-78.13.1.x86_64",
"SUSE OpenStack Cloud 9:openssh-7.2p2-78.13.1.x86_64",
"SUSE OpenStack Cloud 9:openssh-askpass-gnome-7.2p2-78.13.1.x86_64",
"SUSE OpenStack Cloud 9:openssh-fips-7.2p2-78.13.1.x86_64",
"SUSE OpenStack Cloud 9:openssh-helpers-7.2p2-78.13.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:openssh-7.2p2-78.13.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:openssh-askpass-gnome-7.2p2-78.13.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:openssh-fips-7.2p2-78.13.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:openssh-helpers-7.2p2-78.13.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-12-02T07:19:04Z",
"details": "important"
}
],
"title": "CVE-2021-41617"
}
]
}
SUSE-SU-2021:14870-1
Vulnerability from csaf_suse - Published: 2021-12-23 11:34 - Updated: 2021-12-23 11:34Summary
Security update for openssh-openssl1
Notes
Title of the patch
Security update for openssh-openssl1
Description of the patch
This update for openssh-openssl1 fixes the following issues:
- CVE-2021-41617: Fixed privilege escalation when AuthorizedKeysCommand/AuthorizedPrincipalsCommand are configured (bsc#1190975).
Patchnames
secsp3-openssh-openssl1-14870
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for openssh-openssl1",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for openssh-openssl1 fixes the following issues:\n\n- CVE-2021-41617: Fixed privilege escalation when AuthorizedKeysCommand/AuthorizedPrincipalsCommand are configured (bsc#1190975).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "secsp3-openssh-openssl1-14870",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_14870-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2021:14870-1",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-202114870-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2021:14870-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-December/009937.html"
},
{
"category": "self",
"summary": "SUSE Bug 1190975",
"url": "https://bugzilla.suse.com/1190975"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-41617 page",
"url": "https://www.suse.com/security/cve/CVE-2021-41617/"
}
],
"title": "Security update for openssh-openssl1",
"tracking": {
"current_release_date": "2021-12-23T11:34:43Z",
"generator": {
"date": "2021-12-23T11:34:43Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2021:14870-1",
"initial_release_date": "2021-12-23T11:34:43Z",
"revision_history": [
{
"date": "2021-12-23T11:34:43Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "openssh-openssl1-6.6p1-19.12.1.i586",
"product": {
"name": "openssh-openssl1-6.6p1-19.12.1.i586",
"product_id": "openssh-openssl1-6.6p1-19.12.1.i586"
}
},
{
"category": "product_version",
"name": "openssh-openssl1-helpers-6.6p1-19.12.1.i586",
"product": {
"name": "openssh-openssl1-helpers-6.6p1-19.12.1.i586",
"product_id": "openssh-openssl1-helpers-6.6p1-19.12.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-openssl1-6.6p1-19.12.1.ia64",
"product": {
"name": "openssh-openssl1-6.6p1-19.12.1.ia64",
"product_id": "openssh-openssl1-6.6p1-19.12.1.ia64"
}
},
{
"category": "product_version",
"name": "openssh-openssl1-helpers-6.6p1-19.12.1.ia64",
"product": {
"name": "openssh-openssl1-helpers-6.6p1-19.12.1.ia64",
"product_id": "openssh-openssl1-helpers-6.6p1-19.12.1.ia64"
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-openssl1-6.6p1-19.12.1.ppc64",
"product": {
"name": "openssh-openssl1-6.6p1-19.12.1.ppc64",
"product_id": "openssh-openssl1-6.6p1-19.12.1.ppc64"
}
},
{
"category": "product_version",
"name": "openssh-openssl1-helpers-6.6p1-19.12.1.ppc64",
"product": {
"name": "openssh-openssl1-helpers-6.6p1-19.12.1.ppc64",
"product_id": "openssh-openssl1-helpers-6.6p1-19.12.1.ppc64"
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-openssl1-6.6p1-19.12.1.s390x",
"product": {
"name": "openssh-openssl1-6.6p1-19.12.1.s390x",
"product_id": "openssh-openssl1-6.6p1-19.12.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-openssl1-helpers-6.6p1-19.12.1.s390x",
"product": {
"name": "openssh-openssl1-helpers-6.6p1-19.12.1.s390x",
"product_id": "openssh-openssl1-helpers-6.6p1-19.12.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-openssl1-6.6p1-19.12.1.x86_64",
"product": {
"name": "openssh-openssl1-6.6p1-19.12.1.x86_64",
"product_id": "openssh-openssl1-6.6p1-19.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-openssl1-helpers-6.6p1-19.12.1.x86_64",
"product": {
"name": "openssh-openssl1-helpers-6.6p1-19.12.1.x86_64",
"product_id": "openssh-openssl1-helpers-6.6p1-19.12.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11-SECURITY",
"product": {
"name": "SUSE Linux Enterprise Server 11-SECURITY",
"product_id": "SUSE Linux Enterprise Server 11-SECURITY",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:11:security"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-openssl1-6.6p1-19.12.1.i586 as component of SUSE Linux Enterprise Server 11-SECURITY",
"product_id": "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.12.1.i586"
},
"product_reference": "openssh-openssl1-6.6p1-19.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11-SECURITY"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-openssl1-6.6p1-19.12.1.ia64 as component of SUSE Linux Enterprise Server 11-SECURITY",
"product_id": "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.12.1.ia64"
},
"product_reference": "openssh-openssl1-6.6p1-19.12.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11-SECURITY"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-openssl1-6.6p1-19.12.1.ppc64 as component of SUSE Linux Enterprise Server 11-SECURITY",
"product_id": "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.12.1.ppc64"
},
"product_reference": "openssh-openssl1-6.6p1-19.12.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11-SECURITY"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-openssl1-6.6p1-19.12.1.s390x as component of SUSE Linux Enterprise Server 11-SECURITY",
"product_id": "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.12.1.s390x"
},
"product_reference": "openssh-openssl1-6.6p1-19.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11-SECURITY"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-openssl1-6.6p1-19.12.1.x86_64 as component of SUSE Linux Enterprise Server 11-SECURITY",
"product_id": "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.12.1.x86_64"
},
"product_reference": "openssh-openssl1-6.6p1-19.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11-SECURITY"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-openssl1-helpers-6.6p1-19.12.1.i586 as component of SUSE Linux Enterprise Server 11-SECURITY",
"product_id": "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.12.1.i586"
},
"product_reference": "openssh-openssl1-helpers-6.6p1-19.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11-SECURITY"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-openssl1-helpers-6.6p1-19.12.1.ia64 as component of SUSE Linux Enterprise Server 11-SECURITY",
"product_id": "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.12.1.ia64"
},
"product_reference": "openssh-openssl1-helpers-6.6p1-19.12.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11-SECURITY"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-openssl1-helpers-6.6p1-19.12.1.ppc64 as component of SUSE Linux Enterprise Server 11-SECURITY",
"product_id": "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.12.1.ppc64"
},
"product_reference": "openssh-openssl1-helpers-6.6p1-19.12.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11-SECURITY"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-openssl1-helpers-6.6p1-19.12.1.s390x as component of SUSE Linux Enterprise Server 11-SECURITY",
"product_id": "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.12.1.s390x"
},
"product_reference": "openssh-openssl1-helpers-6.6p1-19.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11-SECURITY"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-openssl1-helpers-6.6p1-19.12.1.x86_64 as component of SUSE Linux Enterprise Server 11-SECURITY",
"product_id": "SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.12.1.x86_64"
},
"product_reference": "openssh-openssl1-helpers-6.6p1-19.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11-SECURITY"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-41617",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-41617"
}
],
"notes": [
{
"category": "general",
"text": "sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.12.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.12.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.12.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.12.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.12.1.x86_64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.12.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.12.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.12.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.12.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-41617",
"url": "https://www.suse.com/security/cve/CVE-2021-41617"
},
{
"category": "external",
"summary": "SUSE Bug 1190975 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1190975"
},
{
"category": "external",
"summary": "SUSE Bug 1193497 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1193497"
},
{
"category": "external",
"summary": "SUSE Bug 1196721 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1196721"
},
{
"category": "external",
"summary": "SUSE Bug 1200782 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1200782"
},
{
"category": "external",
"summary": "SUSE Bug 1205056 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1205056"
},
{
"category": "external",
"summary": "SUSE Bug 1212247 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1212247"
},
{
"category": "external",
"summary": "SUSE Bug 1212281 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1212281"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.12.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.12.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.12.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.12.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.12.1.x86_64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.12.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.12.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.12.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.12.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.12.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.12.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.12.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.12.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.12.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-19.12.1.x86_64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.12.1.i586",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.12.1.ia64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.12.1.ppc64",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.12.1.s390x",
"SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-19.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-12-23T11:34:43Z",
"details": "important"
}
],
"title": "CVE-2021-41617"
}
]
}
SUSE-SU-2022:0805-1
Vulnerability from csaf_suse - Published: 2022-03-10 17:05 - Updated: 2022-03-10 17:05Summary
Security update for openssh
Notes
Title of the patch
Security update for openssh
Description of the patch
This update for openssh fixes the following issues:
- CVE-2021-41617: Fixed a potential privilege escalation for non-default
configuration settings (bsc#1190975).
Patchnames
SUSE-2022-805,SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-805,SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-805,SUSE-SLE-Product-RT-15-SP2-2022-805,SUSE-SLE-Product-SLES-15-SP2-BCL-2022-805,SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-805,SUSE-SLE-Product-SLES_SAP-15-SP2-2022-805,SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-805,SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-805,SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-805,SUSE-SUSE-MicroOS-5.0-2022-805,SUSE-Storage-7-2022-805
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for openssh",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for openssh fixes the following issues:\n\n- CVE-2021-41617: Fixed a potential privilege escalation for non-default\n configuration settings (bsc#1190975).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2022-805,SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-805,SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-805,SUSE-SLE-Product-RT-15-SP2-2022-805,SUSE-SLE-Product-SLES-15-SP2-BCL-2022-805,SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-805,SUSE-SLE-Product-SLES_SAP-15-SP2-2022-805,SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-805,SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-805,SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-805,SUSE-SUSE-MicroOS-5.0-2022-805,SUSE-Storage-7-2022-805",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_0805-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:0805-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20220805-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:0805-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010415.html"
},
{
"category": "self",
"summary": "SUSE Bug 1190975",
"url": "https://bugzilla.suse.com/1190975"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-41617 page",
"url": "https://www.suse.com/security/cve/CVE-2021-41617/"
}
],
"title": "Security update for openssh",
"tracking": {
"current_release_date": "2022-03-10T17:05:58Z",
"generator": {
"date": "2022-03-10T17:05:58Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:0805-1",
"initial_release_date": "2022-03-10T17:05:58Z",
"revision_history": [
{
"date": "2022-03-10T17:05:58Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "openssh-8.1p1-5.21.1.aarch64",
"product": {
"name": "openssh-8.1p1-5.21.1.aarch64",
"product_id": "openssh-8.1p1-5.21.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-8.1p1-5.21.1.aarch64",
"product": {
"name": "openssh-askpass-gnome-8.1p1-5.21.1.aarch64",
"product_id": "openssh-askpass-gnome-8.1p1-5.21.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-cavs-8.1p1-5.21.1.aarch64",
"product": {
"name": "openssh-cavs-8.1p1-5.21.1.aarch64",
"product_id": "openssh-cavs-8.1p1-5.21.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-fips-8.1p1-5.21.1.aarch64",
"product": {
"name": "openssh-fips-8.1p1-5.21.1.aarch64",
"product_id": "openssh-fips-8.1p1-5.21.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-helpers-8.1p1-5.21.1.aarch64",
"product": {
"name": "openssh-helpers-8.1p1-5.21.1.aarch64",
"product_id": "openssh-helpers-8.1p1-5.21.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-8.1p1-5.21.1.i586",
"product": {
"name": "openssh-8.1p1-5.21.1.i586",
"product_id": "openssh-8.1p1-5.21.1.i586"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-8.1p1-5.21.1.i586",
"product": {
"name": "openssh-askpass-gnome-8.1p1-5.21.1.i586",
"product_id": "openssh-askpass-gnome-8.1p1-5.21.1.i586"
}
},
{
"category": "product_version",
"name": "openssh-cavs-8.1p1-5.21.1.i586",
"product": {
"name": "openssh-cavs-8.1p1-5.21.1.i586",
"product_id": "openssh-cavs-8.1p1-5.21.1.i586"
}
},
{
"category": "product_version",
"name": "openssh-fips-8.1p1-5.21.1.i586",
"product": {
"name": "openssh-fips-8.1p1-5.21.1.i586",
"product_id": "openssh-fips-8.1p1-5.21.1.i586"
}
},
{
"category": "product_version",
"name": "openssh-helpers-8.1p1-5.21.1.i586",
"product": {
"name": "openssh-helpers-8.1p1-5.21.1.i586",
"product_id": "openssh-helpers-8.1p1-5.21.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-8.1p1-5.21.1.ppc64le",
"product": {
"name": "openssh-8.1p1-5.21.1.ppc64le",
"product_id": "openssh-8.1p1-5.21.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-8.1p1-5.21.1.ppc64le",
"product": {
"name": "openssh-askpass-gnome-8.1p1-5.21.1.ppc64le",
"product_id": "openssh-askpass-gnome-8.1p1-5.21.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-cavs-8.1p1-5.21.1.ppc64le",
"product": {
"name": "openssh-cavs-8.1p1-5.21.1.ppc64le",
"product_id": "openssh-cavs-8.1p1-5.21.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-fips-8.1p1-5.21.1.ppc64le",
"product": {
"name": "openssh-fips-8.1p1-5.21.1.ppc64le",
"product_id": "openssh-fips-8.1p1-5.21.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-helpers-8.1p1-5.21.1.ppc64le",
"product": {
"name": "openssh-helpers-8.1p1-5.21.1.ppc64le",
"product_id": "openssh-helpers-8.1p1-5.21.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-8.1p1-5.21.1.s390x",
"product": {
"name": "openssh-8.1p1-5.21.1.s390x",
"product_id": "openssh-8.1p1-5.21.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-8.1p1-5.21.1.s390x",
"product": {
"name": "openssh-askpass-gnome-8.1p1-5.21.1.s390x",
"product_id": "openssh-askpass-gnome-8.1p1-5.21.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-cavs-8.1p1-5.21.1.s390x",
"product": {
"name": "openssh-cavs-8.1p1-5.21.1.s390x",
"product_id": "openssh-cavs-8.1p1-5.21.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-fips-8.1p1-5.21.1.s390x",
"product": {
"name": "openssh-fips-8.1p1-5.21.1.s390x",
"product_id": "openssh-fips-8.1p1-5.21.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-helpers-8.1p1-5.21.1.s390x",
"product": {
"name": "openssh-helpers-8.1p1-5.21.1.s390x",
"product_id": "openssh-helpers-8.1p1-5.21.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-8.1p1-5.21.1.x86_64",
"product": {
"name": "openssh-8.1p1-5.21.1.x86_64",
"product_id": "openssh-8.1p1-5.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-8.1p1-5.21.1.x86_64",
"product": {
"name": "openssh-askpass-gnome-8.1p1-5.21.1.x86_64",
"product_id": "openssh-askpass-gnome-8.1p1-5.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-cavs-8.1p1-5.21.1.x86_64",
"product": {
"name": "openssh-cavs-8.1p1-5.21.1.x86_64",
"product_id": "openssh-cavs-8.1p1-5.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-fips-8.1p1-5.21.1.x86_64",
"product": {
"name": "openssh-fips-8.1p1-5.21.1.x86_64",
"product_id": "openssh-fips-8.1p1-5.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-helpers-8.1p1-5.21.1.x86_64",
"product": {
"name": "openssh-helpers-8.1p1-5.21.1.x86_64",
"product_id": "openssh-helpers-8.1p1-5.21.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Real Time 15 SP2",
"product": {
"name": "SUSE Linux Enterprise Real Time 15 SP2",
"product_id": "SUSE Linux Enterprise Real Time 15 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_rt:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP2-BCL",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP2-BCL",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_bcl:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Proxy 4.1",
"product": {
"name": "SUSE Manager Proxy 4.1",
"product_id": "SUSE Manager Proxy 4.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-proxy:4.1"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Retail Branch Server 4.1",
"product": {
"name": "SUSE Manager Retail Branch Server 4.1",
"product_id": "SUSE Manager Retail Branch Server 4.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-retail-branch-server:4.1"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Server 4.1",
"product": {
"name": "SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-server:4.1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.0",
"product": {
"name": "SUSE Linux Enterprise Micro 5.0",
"product_id": "SUSE Linux Enterprise Micro 5.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-microos:5.0"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 7",
"product": {
"name": "SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:7"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-8.1p1-5.21.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:openssh-8.1p1-5.21.1.aarch64"
},
"product_reference": "openssh-8.1p1-5.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-8.1p1-5.21.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:openssh-8.1p1-5.21.1.x86_64"
},
"product_reference": "openssh-8.1p1-5.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-8.1p1-5.21.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:openssh-askpass-gnome-8.1p1-5.21.1.aarch64"
},
"product_reference": "openssh-askpass-gnome-8.1p1-5.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-8.1p1-5.21.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:openssh-askpass-gnome-8.1p1-5.21.1.x86_64"
},
"product_reference": "openssh-askpass-gnome-8.1p1-5.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-8.1p1-5.21.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:openssh-fips-8.1p1-5.21.1.aarch64"
},
"product_reference": "openssh-fips-8.1p1-5.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-8.1p1-5.21.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:openssh-fips-8.1p1-5.21.1.x86_64"
},
"product_reference": "openssh-fips-8.1p1-5.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-8.1p1-5.21.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:openssh-helpers-8.1p1-5.21.1.aarch64"
},
"product_reference": "openssh-helpers-8.1p1-5.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-8.1p1-5.21.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:openssh-helpers-8.1p1-5.21.1.x86_64"
},
"product_reference": "openssh-helpers-8.1p1-5.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-8.1p1-5.21.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:openssh-8.1p1-5.21.1.aarch64"
},
"product_reference": "openssh-8.1p1-5.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-8.1p1-5.21.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:openssh-8.1p1-5.21.1.x86_64"
},
"product_reference": "openssh-8.1p1-5.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-8.1p1-5.21.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:openssh-askpass-gnome-8.1p1-5.21.1.aarch64"
},
"product_reference": "openssh-askpass-gnome-8.1p1-5.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-8.1p1-5.21.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:openssh-askpass-gnome-8.1p1-5.21.1.x86_64"
},
"product_reference": "openssh-askpass-gnome-8.1p1-5.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-8.1p1-5.21.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:openssh-fips-8.1p1-5.21.1.aarch64"
},
"product_reference": "openssh-fips-8.1p1-5.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-8.1p1-5.21.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:openssh-fips-8.1p1-5.21.1.x86_64"
},
"product_reference": "openssh-fips-8.1p1-5.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-8.1p1-5.21.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:openssh-helpers-8.1p1-5.21.1.aarch64"
},
"product_reference": "openssh-helpers-8.1p1-5.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-8.1p1-5.21.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:openssh-helpers-8.1p1-5.21.1.x86_64"
},
"product_reference": "openssh-helpers-8.1p1-5.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-8.1p1-5.21.1.x86_64 as component of SUSE Linux Enterprise Real Time 15 SP2",
"product_id": "SUSE Linux Enterprise Real Time 15 SP2:openssh-8.1p1-5.21.1.x86_64"
},
"product_reference": "openssh-8.1p1-5.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-8.1p1-5.21.1.x86_64 as component of SUSE Linux Enterprise Real Time 15 SP2",
"product_id": "SUSE Linux Enterprise Real Time 15 SP2:openssh-askpass-gnome-8.1p1-5.21.1.x86_64"
},
"product_reference": "openssh-askpass-gnome-8.1p1-5.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-8.1p1-5.21.1.x86_64 as component of SUSE Linux Enterprise Real Time 15 SP2",
"product_id": "SUSE Linux Enterprise Real Time 15 SP2:openssh-fips-8.1p1-5.21.1.x86_64"
},
"product_reference": "openssh-fips-8.1p1-5.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-8.1p1-5.21.1.x86_64 as component of SUSE Linux Enterprise Real Time 15 SP2",
"product_id": "SUSE Linux Enterprise Real Time 15 SP2:openssh-helpers-8.1p1-5.21.1.x86_64"
},
"product_reference": "openssh-helpers-8.1p1-5.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-8.1p1-5.21.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP2-BCL:openssh-8.1p1-5.21.1.x86_64"
},
"product_reference": "openssh-8.1p1-5.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-8.1p1-5.21.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP2-BCL:openssh-askpass-gnome-8.1p1-5.21.1.x86_64"
},
"product_reference": "openssh-askpass-gnome-8.1p1-5.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-8.1p1-5.21.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP2-BCL:openssh-fips-8.1p1-5.21.1.x86_64"
},
"product_reference": "openssh-fips-8.1p1-5.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-8.1p1-5.21.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP2-BCL:openssh-helpers-8.1p1-5.21.1.x86_64"
},
"product_reference": "openssh-helpers-8.1p1-5.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-8.1p1-5.21.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-8.1p1-5.21.1.aarch64"
},
"product_reference": "openssh-8.1p1-5.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-8.1p1-5.21.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-8.1p1-5.21.1.ppc64le"
},
"product_reference": "openssh-8.1p1-5.21.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-8.1p1-5.21.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-8.1p1-5.21.1.s390x"
},
"product_reference": "openssh-8.1p1-5.21.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-8.1p1-5.21.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-8.1p1-5.21.1.x86_64"
},
"product_reference": "openssh-8.1p1-5.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-8.1p1-5.21.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-askpass-gnome-8.1p1-5.21.1.aarch64"
},
"product_reference": "openssh-askpass-gnome-8.1p1-5.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-8.1p1-5.21.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-askpass-gnome-8.1p1-5.21.1.ppc64le"
},
"product_reference": "openssh-askpass-gnome-8.1p1-5.21.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-8.1p1-5.21.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-askpass-gnome-8.1p1-5.21.1.s390x"
},
"product_reference": "openssh-askpass-gnome-8.1p1-5.21.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-8.1p1-5.21.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-askpass-gnome-8.1p1-5.21.1.x86_64"
},
"product_reference": "openssh-askpass-gnome-8.1p1-5.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-8.1p1-5.21.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-fips-8.1p1-5.21.1.aarch64"
},
"product_reference": "openssh-fips-8.1p1-5.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-8.1p1-5.21.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-fips-8.1p1-5.21.1.ppc64le"
},
"product_reference": "openssh-fips-8.1p1-5.21.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-8.1p1-5.21.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-fips-8.1p1-5.21.1.s390x"
},
"product_reference": "openssh-fips-8.1p1-5.21.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-8.1p1-5.21.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-fips-8.1p1-5.21.1.x86_64"
},
"product_reference": "openssh-fips-8.1p1-5.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-8.1p1-5.21.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-helpers-8.1p1-5.21.1.aarch64"
},
"product_reference": "openssh-helpers-8.1p1-5.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-8.1p1-5.21.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-helpers-8.1p1-5.21.1.ppc64le"
},
"product_reference": "openssh-helpers-8.1p1-5.21.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-8.1p1-5.21.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-helpers-8.1p1-5.21.1.s390x"
},
"product_reference": "openssh-helpers-8.1p1-5.21.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-8.1p1-5.21.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-helpers-8.1p1-5.21.1.x86_64"
},
"product_reference": "openssh-helpers-8.1p1-5.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-8.1p1-5.21.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:openssh-8.1p1-5.21.1.ppc64le"
},
"product_reference": "openssh-8.1p1-5.21.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-8.1p1-5.21.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:openssh-8.1p1-5.21.1.x86_64"
},
"product_reference": "openssh-8.1p1-5.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-8.1p1-5.21.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:openssh-askpass-gnome-8.1p1-5.21.1.ppc64le"
},
"product_reference": "openssh-askpass-gnome-8.1p1-5.21.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-8.1p1-5.21.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:openssh-askpass-gnome-8.1p1-5.21.1.x86_64"
},
"product_reference": "openssh-askpass-gnome-8.1p1-5.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-8.1p1-5.21.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:openssh-fips-8.1p1-5.21.1.ppc64le"
},
"product_reference": "openssh-fips-8.1p1-5.21.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-8.1p1-5.21.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:openssh-fips-8.1p1-5.21.1.x86_64"
},
"product_reference": "openssh-fips-8.1p1-5.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-8.1p1-5.21.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:openssh-helpers-8.1p1-5.21.1.ppc64le"
},
"product_reference": "openssh-helpers-8.1p1-5.21.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-8.1p1-5.21.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:openssh-helpers-8.1p1-5.21.1.x86_64"
},
"product_reference": "openssh-helpers-8.1p1-5.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-8.1p1-5.21.1.x86_64 as component of SUSE Manager Proxy 4.1",
"product_id": "SUSE Manager Proxy 4.1:openssh-8.1p1-5.21.1.x86_64"
},
"product_reference": "openssh-8.1p1-5.21.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-8.1p1-5.21.1.x86_64 as component of SUSE Manager Proxy 4.1",
"product_id": "SUSE Manager Proxy 4.1:openssh-askpass-gnome-8.1p1-5.21.1.x86_64"
},
"product_reference": "openssh-askpass-gnome-8.1p1-5.21.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-8.1p1-5.21.1.x86_64 as component of SUSE Manager Proxy 4.1",
"product_id": "SUSE Manager Proxy 4.1:openssh-fips-8.1p1-5.21.1.x86_64"
},
"product_reference": "openssh-fips-8.1p1-5.21.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-8.1p1-5.21.1.x86_64 as component of SUSE Manager Proxy 4.1",
"product_id": "SUSE Manager Proxy 4.1:openssh-helpers-8.1p1-5.21.1.x86_64"
},
"product_reference": "openssh-helpers-8.1p1-5.21.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-8.1p1-5.21.1.x86_64 as component of SUSE Manager Retail Branch Server 4.1",
"product_id": "SUSE Manager Retail Branch Server 4.1:openssh-8.1p1-5.21.1.x86_64"
},
"product_reference": "openssh-8.1p1-5.21.1.x86_64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-8.1p1-5.21.1.x86_64 as component of SUSE Manager Retail Branch Server 4.1",
"product_id": "SUSE Manager Retail Branch Server 4.1:openssh-askpass-gnome-8.1p1-5.21.1.x86_64"
},
"product_reference": "openssh-askpass-gnome-8.1p1-5.21.1.x86_64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-8.1p1-5.21.1.x86_64 as component of SUSE Manager Retail Branch Server 4.1",
"product_id": "SUSE Manager Retail Branch Server 4.1:openssh-fips-8.1p1-5.21.1.x86_64"
},
"product_reference": "openssh-fips-8.1p1-5.21.1.x86_64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-8.1p1-5.21.1.x86_64 as component of SUSE Manager Retail Branch Server 4.1",
"product_id": "SUSE Manager Retail Branch Server 4.1:openssh-helpers-8.1p1-5.21.1.x86_64"
},
"product_reference": "openssh-helpers-8.1p1-5.21.1.x86_64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-8.1p1-5.21.1.ppc64le as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:openssh-8.1p1-5.21.1.ppc64le"
},
"product_reference": "openssh-8.1p1-5.21.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-8.1p1-5.21.1.s390x as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:openssh-8.1p1-5.21.1.s390x"
},
"product_reference": "openssh-8.1p1-5.21.1.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-8.1p1-5.21.1.x86_64 as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:openssh-8.1p1-5.21.1.x86_64"
},
"product_reference": "openssh-8.1p1-5.21.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-8.1p1-5.21.1.ppc64le as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:openssh-askpass-gnome-8.1p1-5.21.1.ppc64le"
},
"product_reference": "openssh-askpass-gnome-8.1p1-5.21.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-8.1p1-5.21.1.s390x as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:openssh-askpass-gnome-8.1p1-5.21.1.s390x"
},
"product_reference": "openssh-askpass-gnome-8.1p1-5.21.1.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-8.1p1-5.21.1.x86_64 as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:openssh-askpass-gnome-8.1p1-5.21.1.x86_64"
},
"product_reference": "openssh-askpass-gnome-8.1p1-5.21.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-8.1p1-5.21.1.ppc64le as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:openssh-fips-8.1p1-5.21.1.ppc64le"
},
"product_reference": "openssh-fips-8.1p1-5.21.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-8.1p1-5.21.1.s390x as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:openssh-fips-8.1p1-5.21.1.s390x"
},
"product_reference": "openssh-fips-8.1p1-5.21.1.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-8.1p1-5.21.1.x86_64 as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:openssh-fips-8.1p1-5.21.1.x86_64"
},
"product_reference": "openssh-fips-8.1p1-5.21.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-8.1p1-5.21.1.ppc64le as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:openssh-helpers-8.1p1-5.21.1.ppc64le"
},
"product_reference": "openssh-helpers-8.1p1-5.21.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-8.1p1-5.21.1.s390x as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:openssh-helpers-8.1p1-5.21.1.s390x"
},
"product_reference": "openssh-helpers-8.1p1-5.21.1.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-8.1p1-5.21.1.x86_64 as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:openssh-helpers-8.1p1-5.21.1.x86_64"
},
"product_reference": "openssh-helpers-8.1p1-5.21.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-8.1p1-5.21.1.aarch64 as component of SUSE Linux Enterprise Micro 5.0",
"product_id": "SUSE Linux Enterprise Micro 5.0:openssh-8.1p1-5.21.1.aarch64"
},
"product_reference": "openssh-8.1p1-5.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-8.1p1-5.21.1.x86_64 as component of SUSE Linux Enterprise Micro 5.0",
"product_id": "SUSE Linux Enterprise Micro 5.0:openssh-8.1p1-5.21.1.x86_64"
},
"product_reference": "openssh-8.1p1-5.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-8.1p1-5.21.1.aarch64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:openssh-8.1p1-5.21.1.aarch64"
},
"product_reference": "openssh-8.1p1-5.21.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-8.1p1-5.21.1.x86_64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:openssh-8.1p1-5.21.1.x86_64"
},
"product_reference": "openssh-8.1p1-5.21.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-8.1p1-5.21.1.aarch64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:openssh-askpass-gnome-8.1p1-5.21.1.aarch64"
},
"product_reference": "openssh-askpass-gnome-8.1p1-5.21.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-8.1p1-5.21.1.x86_64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:openssh-askpass-gnome-8.1p1-5.21.1.x86_64"
},
"product_reference": "openssh-askpass-gnome-8.1p1-5.21.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-8.1p1-5.21.1.aarch64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:openssh-fips-8.1p1-5.21.1.aarch64"
},
"product_reference": "openssh-fips-8.1p1-5.21.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-8.1p1-5.21.1.x86_64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:openssh-fips-8.1p1-5.21.1.x86_64"
},
"product_reference": "openssh-fips-8.1p1-5.21.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-8.1p1-5.21.1.aarch64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:openssh-helpers-8.1p1-5.21.1.aarch64"
},
"product_reference": "openssh-helpers-8.1p1-5.21.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-8.1p1-5.21.1.x86_64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:openssh-helpers-8.1p1-5.21.1.x86_64"
},
"product_reference": "openssh-helpers-8.1p1-5.21.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-41617",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-41617"
}
],
"notes": [
{
"category": "general",
"text": "sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7:openssh-8.1p1-5.21.1.aarch64",
"SUSE Enterprise Storage 7:openssh-8.1p1-5.21.1.x86_64",
"SUSE Enterprise Storage 7:openssh-askpass-gnome-8.1p1-5.21.1.aarch64",
"SUSE Enterprise Storage 7:openssh-askpass-gnome-8.1p1-5.21.1.x86_64",
"SUSE Enterprise Storage 7:openssh-fips-8.1p1-5.21.1.aarch64",
"SUSE Enterprise Storage 7:openssh-fips-8.1p1-5.21.1.x86_64",
"SUSE Enterprise Storage 7:openssh-helpers-8.1p1-5.21.1.aarch64",
"SUSE Enterprise Storage 7:openssh-helpers-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:openssh-8.1p1-5.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:openssh-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:openssh-askpass-gnome-8.1p1-5.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:openssh-askpass-gnome-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:openssh-fips-8.1p1-5.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:openssh-fips-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:openssh-helpers-8.1p1-5.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:openssh-helpers-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:openssh-8.1p1-5.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:openssh-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:openssh-askpass-gnome-8.1p1-5.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:openssh-askpass-gnome-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:openssh-fips-8.1p1-5.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:openssh-fips-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:openssh-helpers-8.1p1-5.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:openssh-helpers-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise Micro 5.0:openssh-8.1p1-5.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.0:openssh-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP2:openssh-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP2:openssh-askpass-gnome-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP2:openssh-fips-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP2:openssh-helpers-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:openssh-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:openssh-askpass-gnome-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:openssh-fips-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:openssh-helpers-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-8.1p1-5.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-8.1p1-5.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-8.1p1-5.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-askpass-gnome-8.1p1-5.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-askpass-gnome-8.1p1-5.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-askpass-gnome-8.1p1-5.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-askpass-gnome-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-fips-8.1p1-5.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-fips-8.1p1-5.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-fips-8.1p1-5.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-fips-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-helpers-8.1p1-5.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-helpers-8.1p1-5.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-helpers-8.1p1-5.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-helpers-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:openssh-8.1p1-5.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:openssh-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:openssh-askpass-gnome-8.1p1-5.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:openssh-askpass-gnome-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:openssh-fips-8.1p1-5.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:openssh-fips-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:openssh-helpers-8.1p1-5.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:openssh-helpers-8.1p1-5.21.1.x86_64",
"SUSE Manager Proxy 4.1:openssh-8.1p1-5.21.1.x86_64",
"SUSE Manager Proxy 4.1:openssh-askpass-gnome-8.1p1-5.21.1.x86_64",
"SUSE Manager Proxy 4.1:openssh-fips-8.1p1-5.21.1.x86_64",
"SUSE Manager Proxy 4.1:openssh-helpers-8.1p1-5.21.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:openssh-8.1p1-5.21.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:openssh-askpass-gnome-8.1p1-5.21.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:openssh-fips-8.1p1-5.21.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:openssh-helpers-8.1p1-5.21.1.x86_64",
"SUSE Manager Server 4.1:openssh-8.1p1-5.21.1.ppc64le",
"SUSE Manager Server 4.1:openssh-8.1p1-5.21.1.s390x",
"SUSE Manager Server 4.1:openssh-8.1p1-5.21.1.x86_64",
"SUSE Manager Server 4.1:openssh-askpass-gnome-8.1p1-5.21.1.ppc64le",
"SUSE Manager Server 4.1:openssh-askpass-gnome-8.1p1-5.21.1.s390x",
"SUSE Manager Server 4.1:openssh-askpass-gnome-8.1p1-5.21.1.x86_64",
"SUSE Manager Server 4.1:openssh-fips-8.1p1-5.21.1.ppc64le",
"SUSE Manager Server 4.1:openssh-fips-8.1p1-5.21.1.s390x",
"SUSE Manager Server 4.1:openssh-fips-8.1p1-5.21.1.x86_64",
"SUSE Manager Server 4.1:openssh-helpers-8.1p1-5.21.1.ppc64le",
"SUSE Manager Server 4.1:openssh-helpers-8.1p1-5.21.1.s390x",
"SUSE Manager Server 4.1:openssh-helpers-8.1p1-5.21.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-41617",
"url": "https://www.suse.com/security/cve/CVE-2021-41617"
},
{
"category": "external",
"summary": "SUSE Bug 1190975 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1190975"
},
{
"category": "external",
"summary": "SUSE Bug 1193497 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1193497"
},
{
"category": "external",
"summary": "SUSE Bug 1196721 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1196721"
},
{
"category": "external",
"summary": "SUSE Bug 1200782 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1200782"
},
{
"category": "external",
"summary": "SUSE Bug 1205056 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1205056"
},
{
"category": "external",
"summary": "SUSE Bug 1212247 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1212247"
},
{
"category": "external",
"summary": "SUSE Bug 1212281 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1212281"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7:openssh-8.1p1-5.21.1.aarch64",
"SUSE Enterprise Storage 7:openssh-8.1p1-5.21.1.x86_64",
"SUSE Enterprise Storage 7:openssh-askpass-gnome-8.1p1-5.21.1.aarch64",
"SUSE Enterprise Storage 7:openssh-askpass-gnome-8.1p1-5.21.1.x86_64",
"SUSE Enterprise Storage 7:openssh-fips-8.1p1-5.21.1.aarch64",
"SUSE Enterprise Storage 7:openssh-fips-8.1p1-5.21.1.x86_64",
"SUSE Enterprise Storage 7:openssh-helpers-8.1p1-5.21.1.aarch64",
"SUSE Enterprise Storage 7:openssh-helpers-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:openssh-8.1p1-5.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:openssh-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:openssh-askpass-gnome-8.1p1-5.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:openssh-askpass-gnome-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:openssh-fips-8.1p1-5.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:openssh-fips-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:openssh-helpers-8.1p1-5.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:openssh-helpers-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:openssh-8.1p1-5.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:openssh-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:openssh-askpass-gnome-8.1p1-5.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:openssh-askpass-gnome-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:openssh-fips-8.1p1-5.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:openssh-fips-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:openssh-helpers-8.1p1-5.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:openssh-helpers-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise Micro 5.0:openssh-8.1p1-5.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.0:openssh-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP2:openssh-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP2:openssh-askpass-gnome-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP2:openssh-fips-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP2:openssh-helpers-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:openssh-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:openssh-askpass-gnome-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:openssh-fips-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:openssh-helpers-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-8.1p1-5.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-8.1p1-5.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-8.1p1-5.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-askpass-gnome-8.1p1-5.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-askpass-gnome-8.1p1-5.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-askpass-gnome-8.1p1-5.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-askpass-gnome-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-fips-8.1p1-5.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-fips-8.1p1-5.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-fips-8.1p1-5.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-fips-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-helpers-8.1p1-5.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-helpers-8.1p1-5.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-helpers-8.1p1-5.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-helpers-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:openssh-8.1p1-5.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:openssh-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:openssh-askpass-gnome-8.1p1-5.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:openssh-askpass-gnome-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:openssh-fips-8.1p1-5.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:openssh-fips-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:openssh-helpers-8.1p1-5.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:openssh-helpers-8.1p1-5.21.1.x86_64",
"SUSE Manager Proxy 4.1:openssh-8.1p1-5.21.1.x86_64",
"SUSE Manager Proxy 4.1:openssh-askpass-gnome-8.1p1-5.21.1.x86_64",
"SUSE Manager Proxy 4.1:openssh-fips-8.1p1-5.21.1.x86_64",
"SUSE Manager Proxy 4.1:openssh-helpers-8.1p1-5.21.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:openssh-8.1p1-5.21.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:openssh-askpass-gnome-8.1p1-5.21.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:openssh-fips-8.1p1-5.21.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:openssh-helpers-8.1p1-5.21.1.x86_64",
"SUSE Manager Server 4.1:openssh-8.1p1-5.21.1.ppc64le",
"SUSE Manager Server 4.1:openssh-8.1p1-5.21.1.s390x",
"SUSE Manager Server 4.1:openssh-8.1p1-5.21.1.x86_64",
"SUSE Manager Server 4.1:openssh-askpass-gnome-8.1p1-5.21.1.ppc64le",
"SUSE Manager Server 4.1:openssh-askpass-gnome-8.1p1-5.21.1.s390x",
"SUSE Manager Server 4.1:openssh-askpass-gnome-8.1p1-5.21.1.x86_64",
"SUSE Manager Server 4.1:openssh-fips-8.1p1-5.21.1.ppc64le",
"SUSE Manager Server 4.1:openssh-fips-8.1p1-5.21.1.s390x",
"SUSE Manager Server 4.1:openssh-fips-8.1p1-5.21.1.x86_64",
"SUSE Manager Server 4.1:openssh-helpers-8.1p1-5.21.1.ppc64le",
"SUSE Manager Server 4.1:openssh-helpers-8.1p1-5.21.1.s390x",
"SUSE Manager Server 4.1:openssh-helpers-8.1p1-5.21.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7:openssh-8.1p1-5.21.1.aarch64",
"SUSE Enterprise Storage 7:openssh-8.1p1-5.21.1.x86_64",
"SUSE Enterprise Storage 7:openssh-askpass-gnome-8.1p1-5.21.1.aarch64",
"SUSE Enterprise Storage 7:openssh-askpass-gnome-8.1p1-5.21.1.x86_64",
"SUSE Enterprise Storage 7:openssh-fips-8.1p1-5.21.1.aarch64",
"SUSE Enterprise Storage 7:openssh-fips-8.1p1-5.21.1.x86_64",
"SUSE Enterprise Storage 7:openssh-helpers-8.1p1-5.21.1.aarch64",
"SUSE Enterprise Storage 7:openssh-helpers-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:openssh-8.1p1-5.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:openssh-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:openssh-askpass-gnome-8.1p1-5.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:openssh-askpass-gnome-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:openssh-fips-8.1p1-5.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:openssh-fips-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:openssh-helpers-8.1p1-5.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:openssh-helpers-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:openssh-8.1p1-5.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:openssh-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:openssh-askpass-gnome-8.1p1-5.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:openssh-askpass-gnome-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:openssh-fips-8.1p1-5.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:openssh-fips-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:openssh-helpers-8.1p1-5.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:openssh-helpers-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise Micro 5.0:openssh-8.1p1-5.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.0:openssh-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP2:openssh-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP2:openssh-askpass-gnome-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP2:openssh-fips-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP2:openssh-helpers-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:openssh-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:openssh-askpass-gnome-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:openssh-fips-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:openssh-helpers-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-8.1p1-5.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-8.1p1-5.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-8.1p1-5.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-askpass-gnome-8.1p1-5.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-askpass-gnome-8.1p1-5.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-askpass-gnome-8.1p1-5.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-askpass-gnome-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-fips-8.1p1-5.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-fips-8.1p1-5.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-fips-8.1p1-5.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-fips-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-helpers-8.1p1-5.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-helpers-8.1p1-5.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-helpers-8.1p1-5.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:openssh-helpers-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:openssh-8.1p1-5.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:openssh-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:openssh-askpass-gnome-8.1p1-5.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:openssh-askpass-gnome-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:openssh-fips-8.1p1-5.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:openssh-fips-8.1p1-5.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:openssh-helpers-8.1p1-5.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:openssh-helpers-8.1p1-5.21.1.x86_64",
"SUSE Manager Proxy 4.1:openssh-8.1p1-5.21.1.x86_64",
"SUSE Manager Proxy 4.1:openssh-askpass-gnome-8.1p1-5.21.1.x86_64",
"SUSE Manager Proxy 4.1:openssh-fips-8.1p1-5.21.1.x86_64",
"SUSE Manager Proxy 4.1:openssh-helpers-8.1p1-5.21.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:openssh-8.1p1-5.21.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:openssh-askpass-gnome-8.1p1-5.21.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:openssh-fips-8.1p1-5.21.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:openssh-helpers-8.1p1-5.21.1.x86_64",
"SUSE Manager Server 4.1:openssh-8.1p1-5.21.1.ppc64le",
"SUSE Manager Server 4.1:openssh-8.1p1-5.21.1.s390x",
"SUSE Manager Server 4.1:openssh-8.1p1-5.21.1.x86_64",
"SUSE Manager Server 4.1:openssh-askpass-gnome-8.1p1-5.21.1.ppc64le",
"SUSE Manager Server 4.1:openssh-askpass-gnome-8.1p1-5.21.1.s390x",
"SUSE Manager Server 4.1:openssh-askpass-gnome-8.1p1-5.21.1.x86_64",
"SUSE Manager Server 4.1:openssh-fips-8.1p1-5.21.1.ppc64le",
"SUSE Manager Server 4.1:openssh-fips-8.1p1-5.21.1.s390x",
"SUSE Manager Server 4.1:openssh-fips-8.1p1-5.21.1.x86_64",
"SUSE Manager Server 4.1:openssh-helpers-8.1p1-5.21.1.ppc64le",
"SUSE Manager Server 4.1:openssh-helpers-8.1p1-5.21.1.s390x",
"SUSE Manager Server 4.1:openssh-helpers-8.1p1-5.21.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-03-10T17:05:58Z",
"details": "important"
}
],
"title": "CVE-2021-41617"
}
]
}
SUSE-SU-2021:3887-1
Vulnerability from csaf_suse - Published: 2021-12-03 08:47 - Updated: 2021-12-03 08:47Summary
Security update for openssh
Notes
Title of the patch
Security update for openssh
Description of the patch
This update for openssh fixes the following issues:
- CVE-2021-41617: Fixed privilege escalation when AuthorizedKeysCommand/AuthorizedPrincipalsCommand are configured (bsc#1190975).
Patchnames
SUSE-2021-3887,SUSE-SLE-Product-HPC-15-2021-3887,SUSE-SLE-Product-SLES-15-2021-3887,SUSE-SLE-Product-SLES_SAP-15-2021-3887
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for openssh",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for openssh fixes the following issues:\n\t \n- CVE-2021-41617: Fixed privilege escalation when AuthorizedKeysCommand/AuthorizedPrincipalsCommand are configured (bsc#1190975).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2021-3887,SUSE-SLE-Product-HPC-15-2021-3887,SUSE-SLE-Product-SLES-15-2021-3887,SUSE-SLE-Product-SLES_SAP-15-2021-3887",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_3887-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2021:3887-1",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20213887-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2021:3887-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-December/009823.html"
},
{
"category": "self",
"summary": "SUSE Bug 1190975",
"url": "https://bugzilla.suse.com/1190975"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-41617 page",
"url": "https://www.suse.com/security/cve/CVE-2021-41617/"
}
],
"title": "Security update for openssh",
"tracking": {
"current_release_date": "2021-12-03T08:47:21Z",
"generator": {
"date": "2021-12-03T08:47:21Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2021:3887-1",
"initial_release_date": "2021-12-03T08:47:21Z",
"revision_history": [
{
"date": "2021-12-03T08:47:21Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "openssh-7.6p1-9.44.1.aarch64",
"product": {
"name": "openssh-7.6p1-9.44.1.aarch64",
"product_id": "openssh-7.6p1-9.44.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-7.6p1-9.44.1.aarch64",
"product": {
"name": "openssh-askpass-gnome-7.6p1-9.44.1.aarch64",
"product_id": "openssh-askpass-gnome-7.6p1-9.44.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-cavs-7.6p1-9.44.1.aarch64",
"product": {
"name": "openssh-cavs-7.6p1-9.44.1.aarch64",
"product_id": "openssh-cavs-7.6p1-9.44.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-fips-7.6p1-9.44.1.aarch64",
"product": {
"name": "openssh-fips-7.6p1-9.44.1.aarch64",
"product_id": "openssh-fips-7.6p1-9.44.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-helpers-7.6p1-9.44.1.aarch64",
"product": {
"name": "openssh-helpers-7.6p1-9.44.1.aarch64",
"product_id": "openssh-helpers-7.6p1-9.44.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-7.6p1-9.44.1.i586",
"product": {
"name": "openssh-7.6p1-9.44.1.i586",
"product_id": "openssh-7.6p1-9.44.1.i586"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-7.6p1-9.44.1.i586",
"product": {
"name": "openssh-askpass-gnome-7.6p1-9.44.1.i586",
"product_id": "openssh-askpass-gnome-7.6p1-9.44.1.i586"
}
},
{
"category": "product_version",
"name": "openssh-cavs-7.6p1-9.44.1.i586",
"product": {
"name": "openssh-cavs-7.6p1-9.44.1.i586",
"product_id": "openssh-cavs-7.6p1-9.44.1.i586"
}
},
{
"category": "product_version",
"name": "openssh-fips-7.6p1-9.44.1.i586",
"product": {
"name": "openssh-fips-7.6p1-9.44.1.i586",
"product_id": "openssh-fips-7.6p1-9.44.1.i586"
}
},
{
"category": "product_version",
"name": "openssh-helpers-7.6p1-9.44.1.i586",
"product": {
"name": "openssh-helpers-7.6p1-9.44.1.i586",
"product_id": "openssh-helpers-7.6p1-9.44.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-7.6p1-9.44.1.ppc64le",
"product": {
"name": "openssh-7.6p1-9.44.1.ppc64le",
"product_id": "openssh-7.6p1-9.44.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-7.6p1-9.44.1.ppc64le",
"product": {
"name": "openssh-askpass-gnome-7.6p1-9.44.1.ppc64le",
"product_id": "openssh-askpass-gnome-7.6p1-9.44.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-cavs-7.6p1-9.44.1.ppc64le",
"product": {
"name": "openssh-cavs-7.6p1-9.44.1.ppc64le",
"product_id": "openssh-cavs-7.6p1-9.44.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-fips-7.6p1-9.44.1.ppc64le",
"product": {
"name": "openssh-fips-7.6p1-9.44.1.ppc64le",
"product_id": "openssh-fips-7.6p1-9.44.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-helpers-7.6p1-9.44.1.ppc64le",
"product": {
"name": "openssh-helpers-7.6p1-9.44.1.ppc64le",
"product_id": "openssh-helpers-7.6p1-9.44.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-7.6p1-9.44.1.s390x",
"product": {
"name": "openssh-7.6p1-9.44.1.s390x",
"product_id": "openssh-7.6p1-9.44.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-7.6p1-9.44.1.s390x",
"product": {
"name": "openssh-askpass-gnome-7.6p1-9.44.1.s390x",
"product_id": "openssh-askpass-gnome-7.6p1-9.44.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-cavs-7.6p1-9.44.1.s390x",
"product": {
"name": "openssh-cavs-7.6p1-9.44.1.s390x",
"product_id": "openssh-cavs-7.6p1-9.44.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-fips-7.6p1-9.44.1.s390x",
"product": {
"name": "openssh-fips-7.6p1-9.44.1.s390x",
"product_id": "openssh-fips-7.6p1-9.44.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-helpers-7.6p1-9.44.1.s390x",
"product": {
"name": "openssh-helpers-7.6p1-9.44.1.s390x",
"product_id": "openssh-helpers-7.6p1-9.44.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-7.6p1-9.44.1.x86_64",
"product": {
"name": "openssh-7.6p1-9.44.1.x86_64",
"product_id": "openssh-7.6p1-9.44.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-7.6p1-9.44.1.x86_64",
"product": {
"name": "openssh-askpass-gnome-7.6p1-9.44.1.x86_64",
"product_id": "openssh-askpass-gnome-7.6p1-9.44.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-cavs-7.6p1-9.44.1.x86_64",
"product": {
"name": "openssh-cavs-7.6p1-9.44.1.x86_64",
"product_id": "openssh-cavs-7.6p1-9.44.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-fips-7.6p1-9.44.1.x86_64",
"product": {
"name": "openssh-fips-7.6p1-9.44.1.x86_64",
"product_id": "openssh-fips-7.6p1-9.44.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-helpers-7.6p1-9.44.1.x86_64",
"product": {
"name": "openssh-helpers-7.6p1-9.44.1.x86_64",
"product_id": "openssh-helpers-7.6p1-9.44.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.6p1-9.44.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:openssh-7.6p1-9.44.1.aarch64"
},
"product_reference": "openssh-7.6p1-9.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.6p1-9.44.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:openssh-7.6p1-9.44.1.x86_64"
},
"product_reference": "openssh-7.6p1-9.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.6p1-9.44.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:openssh-askpass-gnome-7.6p1-9.44.1.aarch64"
},
"product_reference": "openssh-askpass-gnome-7.6p1-9.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.6p1-9.44.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:openssh-askpass-gnome-7.6p1-9.44.1.x86_64"
},
"product_reference": "openssh-askpass-gnome-7.6p1-9.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.6p1-9.44.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:openssh-fips-7.6p1-9.44.1.aarch64"
},
"product_reference": "openssh-fips-7.6p1-9.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.6p1-9.44.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:openssh-fips-7.6p1-9.44.1.x86_64"
},
"product_reference": "openssh-fips-7.6p1-9.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.6p1-9.44.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:openssh-helpers-7.6p1-9.44.1.aarch64"
},
"product_reference": "openssh-helpers-7.6p1-9.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.6p1-9.44.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:openssh-helpers-7.6p1-9.44.1.x86_64"
},
"product_reference": "openssh-helpers-7.6p1-9.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.6p1-9.44.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:openssh-7.6p1-9.44.1.aarch64"
},
"product_reference": "openssh-7.6p1-9.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.6p1-9.44.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:openssh-7.6p1-9.44.1.x86_64"
},
"product_reference": "openssh-7.6p1-9.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.6p1-9.44.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:openssh-askpass-gnome-7.6p1-9.44.1.aarch64"
},
"product_reference": "openssh-askpass-gnome-7.6p1-9.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.6p1-9.44.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:openssh-askpass-gnome-7.6p1-9.44.1.x86_64"
},
"product_reference": "openssh-askpass-gnome-7.6p1-9.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.6p1-9.44.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:openssh-fips-7.6p1-9.44.1.aarch64"
},
"product_reference": "openssh-fips-7.6p1-9.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.6p1-9.44.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:openssh-fips-7.6p1-9.44.1.x86_64"
},
"product_reference": "openssh-fips-7.6p1-9.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.6p1-9.44.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:openssh-helpers-7.6p1-9.44.1.aarch64"
},
"product_reference": "openssh-helpers-7.6p1-9.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.6p1-9.44.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:openssh-helpers-7.6p1-9.44.1.x86_64"
},
"product_reference": "openssh-helpers-7.6p1-9.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.6p1-9.44.1.aarch64 as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:openssh-7.6p1-9.44.1.aarch64"
},
"product_reference": "openssh-7.6p1-9.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.6p1-9.44.1.ppc64le as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:openssh-7.6p1-9.44.1.ppc64le"
},
"product_reference": "openssh-7.6p1-9.44.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.6p1-9.44.1.s390x as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:openssh-7.6p1-9.44.1.s390x"
},
"product_reference": "openssh-7.6p1-9.44.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.6p1-9.44.1.x86_64 as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:openssh-7.6p1-9.44.1.x86_64"
},
"product_reference": "openssh-7.6p1-9.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.6p1-9.44.1.aarch64 as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:openssh-askpass-gnome-7.6p1-9.44.1.aarch64"
},
"product_reference": "openssh-askpass-gnome-7.6p1-9.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.6p1-9.44.1.ppc64le as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:openssh-askpass-gnome-7.6p1-9.44.1.ppc64le"
},
"product_reference": "openssh-askpass-gnome-7.6p1-9.44.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.6p1-9.44.1.s390x as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:openssh-askpass-gnome-7.6p1-9.44.1.s390x"
},
"product_reference": "openssh-askpass-gnome-7.6p1-9.44.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.6p1-9.44.1.x86_64 as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:openssh-askpass-gnome-7.6p1-9.44.1.x86_64"
},
"product_reference": "openssh-askpass-gnome-7.6p1-9.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.6p1-9.44.1.aarch64 as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:openssh-fips-7.6p1-9.44.1.aarch64"
},
"product_reference": "openssh-fips-7.6p1-9.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.6p1-9.44.1.ppc64le as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:openssh-fips-7.6p1-9.44.1.ppc64le"
},
"product_reference": "openssh-fips-7.6p1-9.44.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.6p1-9.44.1.s390x as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:openssh-fips-7.6p1-9.44.1.s390x"
},
"product_reference": "openssh-fips-7.6p1-9.44.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.6p1-9.44.1.x86_64 as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:openssh-fips-7.6p1-9.44.1.x86_64"
},
"product_reference": "openssh-fips-7.6p1-9.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.6p1-9.44.1.aarch64 as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:openssh-helpers-7.6p1-9.44.1.aarch64"
},
"product_reference": "openssh-helpers-7.6p1-9.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.6p1-9.44.1.ppc64le as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:openssh-helpers-7.6p1-9.44.1.ppc64le"
},
"product_reference": "openssh-helpers-7.6p1-9.44.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.6p1-9.44.1.s390x as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:openssh-helpers-7.6p1-9.44.1.s390x"
},
"product_reference": "openssh-helpers-7.6p1-9.44.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.6p1-9.44.1.x86_64 as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:openssh-helpers-7.6p1-9.44.1.x86_64"
},
"product_reference": "openssh-helpers-7.6p1-9.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.6p1-9.44.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:openssh-7.6p1-9.44.1.ppc64le"
},
"product_reference": "openssh-7.6p1-9.44.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.6p1-9.44.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:openssh-7.6p1-9.44.1.x86_64"
},
"product_reference": "openssh-7.6p1-9.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.6p1-9.44.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:openssh-askpass-gnome-7.6p1-9.44.1.ppc64le"
},
"product_reference": "openssh-askpass-gnome-7.6p1-9.44.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.6p1-9.44.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:openssh-askpass-gnome-7.6p1-9.44.1.x86_64"
},
"product_reference": "openssh-askpass-gnome-7.6p1-9.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.6p1-9.44.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:openssh-fips-7.6p1-9.44.1.ppc64le"
},
"product_reference": "openssh-fips-7.6p1-9.44.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.6p1-9.44.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:openssh-fips-7.6p1-9.44.1.x86_64"
},
"product_reference": "openssh-fips-7.6p1-9.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.6p1-9.44.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:openssh-helpers-7.6p1-9.44.1.ppc64le"
},
"product_reference": "openssh-helpers-7.6p1-9.44.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.6p1-9.44.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:openssh-helpers-7.6p1-9.44.1.x86_64"
},
"product_reference": "openssh-helpers-7.6p1-9.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-41617",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-41617"
}
],
"notes": [
{
"category": "general",
"text": "sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:openssh-7.6p1-9.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:openssh-7.6p1-9.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:openssh-askpass-gnome-7.6p1-9.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:openssh-askpass-gnome-7.6p1-9.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:openssh-fips-7.6p1-9.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:openssh-fips-7.6p1-9.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:openssh-helpers-7.6p1-9.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:openssh-helpers-7.6p1-9.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:openssh-7.6p1-9.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:openssh-7.6p1-9.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:openssh-askpass-gnome-7.6p1-9.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:openssh-askpass-gnome-7.6p1-9.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:openssh-fips-7.6p1-9.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:openssh-fips-7.6p1-9.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:openssh-helpers-7.6p1-9.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:openssh-helpers-7.6p1-9.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:openssh-7.6p1-9.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:openssh-7.6p1-9.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:openssh-7.6p1-9.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:openssh-7.6p1-9.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:openssh-askpass-gnome-7.6p1-9.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:openssh-askpass-gnome-7.6p1-9.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:openssh-askpass-gnome-7.6p1-9.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:openssh-askpass-gnome-7.6p1-9.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:openssh-fips-7.6p1-9.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:openssh-fips-7.6p1-9.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:openssh-fips-7.6p1-9.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:openssh-fips-7.6p1-9.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:openssh-helpers-7.6p1-9.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:openssh-helpers-7.6p1-9.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:openssh-helpers-7.6p1-9.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:openssh-helpers-7.6p1-9.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:openssh-7.6p1-9.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:openssh-7.6p1-9.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:openssh-askpass-gnome-7.6p1-9.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:openssh-askpass-gnome-7.6p1-9.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:openssh-fips-7.6p1-9.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:openssh-fips-7.6p1-9.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:openssh-helpers-7.6p1-9.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:openssh-helpers-7.6p1-9.44.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-41617",
"url": "https://www.suse.com/security/cve/CVE-2021-41617"
},
{
"category": "external",
"summary": "SUSE Bug 1190975 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1190975"
},
{
"category": "external",
"summary": "SUSE Bug 1193497 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1193497"
},
{
"category": "external",
"summary": "SUSE Bug 1196721 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1196721"
},
{
"category": "external",
"summary": "SUSE Bug 1200782 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1200782"
},
{
"category": "external",
"summary": "SUSE Bug 1205056 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1205056"
},
{
"category": "external",
"summary": "SUSE Bug 1212247 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1212247"
},
{
"category": "external",
"summary": "SUSE Bug 1212281 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1212281"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:openssh-7.6p1-9.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:openssh-7.6p1-9.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:openssh-askpass-gnome-7.6p1-9.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:openssh-askpass-gnome-7.6p1-9.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:openssh-fips-7.6p1-9.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:openssh-fips-7.6p1-9.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:openssh-helpers-7.6p1-9.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:openssh-helpers-7.6p1-9.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:openssh-7.6p1-9.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:openssh-7.6p1-9.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:openssh-askpass-gnome-7.6p1-9.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:openssh-askpass-gnome-7.6p1-9.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:openssh-fips-7.6p1-9.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:openssh-fips-7.6p1-9.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:openssh-helpers-7.6p1-9.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:openssh-helpers-7.6p1-9.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:openssh-7.6p1-9.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:openssh-7.6p1-9.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:openssh-7.6p1-9.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:openssh-7.6p1-9.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:openssh-askpass-gnome-7.6p1-9.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:openssh-askpass-gnome-7.6p1-9.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:openssh-askpass-gnome-7.6p1-9.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:openssh-askpass-gnome-7.6p1-9.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:openssh-fips-7.6p1-9.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:openssh-fips-7.6p1-9.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:openssh-fips-7.6p1-9.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:openssh-fips-7.6p1-9.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:openssh-helpers-7.6p1-9.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:openssh-helpers-7.6p1-9.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:openssh-helpers-7.6p1-9.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:openssh-helpers-7.6p1-9.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:openssh-7.6p1-9.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:openssh-7.6p1-9.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:openssh-askpass-gnome-7.6p1-9.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:openssh-askpass-gnome-7.6p1-9.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:openssh-fips-7.6p1-9.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:openssh-fips-7.6p1-9.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:openssh-helpers-7.6p1-9.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:openssh-helpers-7.6p1-9.44.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:openssh-7.6p1-9.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:openssh-7.6p1-9.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:openssh-askpass-gnome-7.6p1-9.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:openssh-askpass-gnome-7.6p1-9.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:openssh-fips-7.6p1-9.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:openssh-fips-7.6p1-9.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:openssh-helpers-7.6p1-9.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:openssh-helpers-7.6p1-9.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:openssh-7.6p1-9.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:openssh-7.6p1-9.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:openssh-askpass-gnome-7.6p1-9.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:openssh-askpass-gnome-7.6p1-9.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:openssh-fips-7.6p1-9.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:openssh-fips-7.6p1-9.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:openssh-helpers-7.6p1-9.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:openssh-helpers-7.6p1-9.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:openssh-7.6p1-9.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:openssh-7.6p1-9.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:openssh-7.6p1-9.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:openssh-7.6p1-9.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:openssh-askpass-gnome-7.6p1-9.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:openssh-askpass-gnome-7.6p1-9.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:openssh-askpass-gnome-7.6p1-9.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:openssh-askpass-gnome-7.6p1-9.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:openssh-fips-7.6p1-9.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:openssh-fips-7.6p1-9.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:openssh-fips-7.6p1-9.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:openssh-fips-7.6p1-9.44.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:openssh-helpers-7.6p1-9.44.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:openssh-helpers-7.6p1-9.44.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:openssh-helpers-7.6p1-9.44.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:openssh-helpers-7.6p1-9.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:openssh-7.6p1-9.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:openssh-7.6p1-9.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:openssh-askpass-gnome-7.6p1-9.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:openssh-askpass-gnome-7.6p1-9.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:openssh-fips-7.6p1-9.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:openssh-fips-7.6p1-9.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:openssh-helpers-7.6p1-9.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:openssh-helpers-7.6p1-9.44.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-12-03T08:47:21Z",
"details": "important"
}
],
"title": "CVE-2021-41617"
}
]
}
SUSE-SU-2021:3951-1
Vulnerability from csaf_suse - Published: 2021-12-06 14:00 - Updated: 2021-12-06 14:00Summary
Security update for openssh
Notes
Title of the patch
Security update for openssh
Description of the patch
This update for openssh fixes the following issues:
- CVE-2021-41617: Fixed privilege escalation when AuthorizedKeysCommand/AuthorizedPrincipalsCommand are configured (bsc#1190975).
Patchnames
HPE-Helion-OpenStack-8-2021-3951,SUSE-2021-3951,SUSE-OpenStack-Cloud-8-2021-3951,SUSE-OpenStack-Cloud-Crowbar-8-2021-3951,SUSE-SLE-SAP-12-SP3-2021-3951,SUSE-SLE-SERVER-12-SP2-BCL-2021-3951,SUSE-SLE-SERVER-12-SP3-2021-3951,SUSE-SLE-SERVER-12-SP3-BCL-2021-3951
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for openssh",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for openssh fixes the following issues:\n \n- CVE-2021-41617: Fixed privilege escalation when AuthorizedKeysCommand/AuthorizedPrincipalsCommand are configured (bsc#1190975). \n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "HPE-Helion-OpenStack-8-2021-3951,SUSE-2021-3951,SUSE-OpenStack-Cloud-8-2021-3951,SUSE-OpenStack-Cloud-Crowbar-8-2021-3951,SUSE-SLE-SAP-12-SP3-2021-3951,SUSE-SLE-SERVER-12-SP2-BCL-2021-3951,SUSE-SLE-SERVER-12-SP3-2021-3951,SUSE-SLE-SERVER-12-SP3-BCL-2021-3951",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_3951-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2021:3951-1",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20213951-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2021:3951-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-December/009848.html"
},
{
"category": "self",
"summary": "SUSE Bug 1190975",
"url": "https://bugzilla.suse.com/1190975"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-41617 page",
"url": "https://www.suse.com/security/cve/CVE-2021-41617/"
}
],
"title": "Security update for openssh",
"tracking": {
"current_release_date": "2021-12-06T14:00:13Z",
"generator": {
"date": "2021-12-06T14:00:13Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2021:3951-1",
"initial_release_date": "2021-12-06T14:00:13Z",
"revision_history": [
{
"date": "2021-12-06T14:00:13Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "openssh-7.2p2-74.60.1.aarch64",
"product": {
"name": "openssh-7.2p2-74.60.1.aarch64",
"product_id": "openssh-7.2p2-74.60.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-7.2p2-74.60.1.aarch64",
"product": {
"name": "openssh-askpass-gnome-7.2p2-74.60.1.aarch64",
"product_id": "openssh-askpass-gnome-7.2p2-74.60.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-cavs-7.2p2-74.60.1.aarch64",
"product": {
"name": "openssh-cavs-7.2p2-74.60.1.aarch64",
"product_id": "openssh-cavs-7.2p2-74.60.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-fips-7.2p2-74.60.1.aarch64",
"product": {
"name": "openssh-fips-7.2p2-74.60.1.aarch64",
"product_id": "openssh-fips-7.2p2-74.60.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-helpers-7.2p2-74.60.1.aarch64",
"product": {
"name": "openssh-helpers-7.2p2-74.60.1.aarch64",
"product_id": "openssh-helpers-7.2p2-74.60.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-7.2p2-74.60.1.i586",
"product": {
"name": "openssh-7.2p2-74.60.1.i586",
"product_id": "openssh-7.2p2-74.60.1.i586"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-7.2p2-74.60.1.i586",
"product": {
"name": "openssh-askpass-gnome-7.2p2-74.60.1.i586",
"product_id": "openssh-askpass-gnome-7.2p2-74.60.1.i586"
}
},
{
"category": "product_version",
"name": "openssh-cavs-7.2p2-74.60.1.i586",
"product": {
"name": "openssh-cavs-7.2p2-74.60.1.i586",
"product_id": "openssh-cavs-7.2p2-74.60.1.i586"
}
},
{
"category": "product_version",
"name": "openssh-fips-7.2p2-74.60.1.i586",
"product": {
"name": "openssh-fips-7.2p2-74.60.1.i586",
"product_id": "openssh-fips-7.2p2-74.60.1.i586"
}
},
{
"category": "product_version",
"name": "openssh-helpers-7.2p2-74.60.1.i586",
"product": {
"name": "openssh-helpers-7.2p2-74.60.1.i586",
"product_id": "openssh-helpers-7.2p2-74.60.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-7.2p2-74.60.1.ppc64le",
"product": {
"name": "openssh-7.2p2-74.60.1.ppc64le",
"product_id": "openssh-7.2p2-74.60.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-7.2p2-74.60.1.ppc64le",
"product": {
"name": "openssh-askpass-gnome-7.2p2-74.60.1.ppc64le",
"product_id": "openssh-askpass-gnome-7.2p2-74.60.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-cavs-7.2p2-74.60.1.ppc64le",
"product": {
"name": "openssh-cavs-7.2p2-74.60.1.ppc64le",
"product_id": "openssh-cavs-7.2p2-74.60.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-fips-7.2p2-74.60.1.ppc64le",
"product": {
"name": "openssh-fips-7.2p2-74.60.1.ppc64le",
"product_id": "openssh-fips-7.2p2-74.60.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-helpers-7.2p2-74.60.1.ppc64le",
"product": {
"name": "openssh-helpers-7.2p2-74.60.1.ppc64le",
"product_id": "openssh-helpers-7.2p2-74.60.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-7.2p2-74.60.1.s390",
"product": {
"name": "openssh-7.2p2-74.60.1.s390",
"product_id": "openssh-7.2p2-74.60.1.s390"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-7.2p2-74.60.1.s390",
"product": {
"name": "openssh-askpass-gnome-7.2p2-74.60.1.s390",
"product_id": "openssh-askpass-gnome-7.2p2-74.60.1.s390"
}
},
{
"category": "product_version",
"name": "openssh-cavs-7.2p2-74.60.1.s390",
"product": {
"name": "openssh-cavs-7.2p2-74.60.1.s390",
"product_id": "openssh-cavs-7.2p2-74.60.1.s390"
}
},
{
"category": "product_version",
"name": "openssh-fips-7.2p2-74.60.1.s390",
"product": {
"name": "openssh-fips-7.2p2-74.60.1.s390",
"product_id": "openssh-fips-7.2p2-74.60.1.s390"
}
},
{
"category": "product_version",
"name": "openssh-helpers-7.2p2-74.60.1.s390",
"product": {
"name": "openssh-helpers-7.2p2-74.60.1.s390",
"product_id": "openssh-helpers-7.2p2-74.60.1.s390"
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-7.2p2-74.60.1.s390x",
"product": {
"name": "openssh-7.2p2-74.60.1.s390x",
"product_id": "openssh-7.2p2-74.60.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-7.2p2-74.60.1.s390x",
"product": {
"name": "openssh-askpass-gnome-7.2p2-74.60.1.s390x",
"product_id": "openssh-askpass-gnome-7.2p2-74.60.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-cavs-7.2p2-74.60.1.s390x",
"product": {
"name": "openssh-cavs-7.2p2-74.60.1.s390x",
"product_id": "openssh-cavs-7.2p2-74.60.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-fips-7.2p2-74.60.1.s390x",
"product": {
"name": "openssh-fips-7.2p2-74.60.1.s390x",
"product_id": "openssh-fips-7.2p2-74.60.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-helpers-7.2p2-74.60.1.s390x",
"product": {
"name": "openssh-helpers-7.2p2-74.60.1.s390x",
"product_id": "openssh-helpers-7.2p2-74.60.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-7.2p2-74.60.1.x86_64",
"product": {
"name": "openssh-7.2p2-74.60.1.x86_64",
"product_id": "openssh-7.2p2-74.60.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-7.2p2-74.60.1.x86_64",
"product": {
"name": "openssh-askpass-gnome-7.2p2-74.60.1.x86_64",
"product_id": "openssh-askpass-gnome-7.2p2-74.60.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-fips-7.2p2-74.60.1.x86_64",
"product": {
"name": "openssh-fips-7.2p2-74.60.1.x86_64",
"product_id": "openssh-fips-7.2p2-74.60.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-helpers-7.2p2-74.60.1.x86_64",
"product": {
"name": "openssh-helpers-7.2p2-74.60.1.x86_64",
"product_id": "openssh-helpers-7.2p2-74.60.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-cavs-7.2p2-74.60.1.x86_64",
"product": {
"name": "openssh-cavs-7.2p2-74.60.1.x86_64",
"product_id": "openssh-cavs-7.2p2-74.60.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "HPE Helion OpenStack 8",
"product": {
"name": "HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8",
"product_identification_helper": {
"cpe": "cpe:/o:suse:hpe-helion-openstack:8"
}
}
},
{
"category": "product_name",
"name": "SUSE OpenStack Cloud 8",
"product": {
"name": "SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud:8"
}
}
},
{
"category": "product_name",
"name": "SUSE OpenStack Cloud Crowbar 8",
"product": {
"name": "SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud-crowbar:8"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP2-BCL",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-bcl:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP3-BCL",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP3-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP3-BCL",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-bcl:12:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.2p2-74.60.1.x86_64 as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:openssh-7.2p2-74.60.1.x86_64"
},
"product_reference": "openssh-7.2p2-74.60.1.x86_64",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.2p2-74.60.1.x86_64 as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:openssh-askpass-gnome-7.2p2-74.60.1.x86_64"
},
"product_reference": "openssh-askpass-gnome-7.2p2-74.60.1.x86_64",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.2p2-74.60.1.x86_64 as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:openssh-fips-7.2p2-74.60.1.x86_64"
},
"product_reference": "openssh-fips-7.2p2-74.60.1.x86_64",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.2p2-74.60.1.x86_64 as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:openssh-helpers-7.2p2-74.60.1.x86_64"
},
"product_reference": "openssh-helpers-7.2p2-74.60.1.x86_64",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.2p2-74.60.1.x86_64 as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:openssh-7.2p2-74.60.1.x86_64"
},
"product_reference": "openssh-7.2p2-74.60.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.2p2-74.60.1.x86_64 as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:openssh-askpass-gnome-7.2p2-74.60.1.x86_64"
},
"product_reference": "openssh-askpass-gnome-7.2p2-74.60.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.2p2-74.60.1.x86_64 as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:openssh-fips-7.2p2-74.60.1.x86_64"
},
"product_reference": "openssh-fips-7.2p2-74.60.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.2p2-74.60.1.x86_64 as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:openssh-helpers-7.2p2-74.60.1.x86_64"
},
"product_reference": "openssh-helpers-7.2p2-74.60.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.2p2-74.60.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:openssh-7.2p2-74.60.1.x86_64"
},
"product_reference": "openssh-7.2p2-74.60.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.2p2-74.60.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:openssh-askpass-gnome-7.2p2-74.60.1.x86_64"
},
"product_reference": "openssh-askpass-gnome-7.2p2-74.60.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.2p2-74.60.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:openssh-fips-7.2p2-74.60.1.x86_64"
},
"product_reference": "openssh-fips-7.2p2-74.60.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.2p2-74.60.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:openssh-helpers-7.2p2-74.60.1.x86_64"
},
"product_reference": "openssh-helpers-7.2p2-74.60.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.2p2-74.60.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.60.1.ppc64le"
},
"product_reference": "openssh-7.2p2-74.60.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.2p2-74.60.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.60.1.x86_64"
},
"product_reference": "openssh-7.2p2-74.60.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.2p2-74.60.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.60.1.ppc64le"
},
"product_reference": "openssh-askpass-gnome-7.2p2-74.60.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.2p2-74.60.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.60.1.x86_64"
},
"product_reference": "openssh-askpass-gnome-7.2p2-74.60.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.2p2-74.60.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.60.1.ppc64le"
},
"product_reference": "openssh-fips-7.2p2-74.60.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.2p2-74.60.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.60.1.x86_64"
},
"product_reference": "openssh-fips-7.2p2-74.60.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.2p2-74.60.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.60.1.ppc64le"
},
"product_reference": "openssh-helpers-7.2p2-74.60.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.2p2-74.60.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.60.1.x86_64"
},
"product_reference": "openssh-helpers-7.2p2-74.60.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.2p2-74.60.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:openssh-7.2p2-74.60.1.x86_64"
},
"product_reference": "openssh-7.2p2-74.60.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.2p2-74.60.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:openssh-askpass-gnome-7.2p2-74.60.1.x86_64"
},
"product_reference": "openssh-askpass-gnome-7.2p2-74.60.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.2p2-74.60.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:openssh-fips-7.2p2-74.60.1.x86_64"
},
"product_reference": "openssh-fips-7.2p2-74.60.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.2p2-74.60.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:openssh-helpers-7.2p2-74.60.1.x86_64"
},
"product_reference": "openssh-helpers-7.2p2-74.60.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.2p2-74.60.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-7.2p2-74.60.1.aarch64"
},
"product_reference": "openssh-7.2p2-74.60.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.2p2-74.60.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-7.2p2-74.60.1.ppc64le"
},
"product_reference": "openssh-7.2p2-74.60.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.2p2-74.60.1.s390x as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-7.2p2-74.60.1.s390x"
},
"product_reference": "openssh-7.2p2-74.60.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.2p2-74.60.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-7.2p2-74.60.1.x86_64"
},
"product_reference": "openssh-7.2p2-74.60.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.2p2-74.60.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-askpass-gnome-7.2p2-74.60.1.aarch64"
},
"product_reference": "openssh-askpass-gnome-7.2p2-74.60.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.2p2-74.60.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-askpass-gnome-7.2p2-74.60.1.ppc64le"
},
"product_reference": "openssh-askpass-gnome-7.2p2-74.60.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.2p2-74.60.1.s390x as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-askpass-gnome-7.2p2-74.60.1.s390x"
},
"product_reference": "openssh-askpass-gnome-7.2p2-74.60.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.2p2-74.60.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-askpass-gnome-7.2p2-74.60.1.x86_64"
},
"product_reference": "openssh-askpass-gnome-7.2p2-74.60.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.2p2-74.60.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-fips-7.2p2-74.60.1.aarch64"
},
"product_reference": "openssh-fips-7.2p2-74.60.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.2p2-74.60.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-fips-7.2p2-74.60.1.ppc64le"
},
"product_reference": "openssh-fips-7.2p2-74.60.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.2p2-74.60.1.s390x as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-fips-7.2p2-74.60.1.s390x"
},
"product_reference": "openssh-fips-7.2p2-74.60.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.2p2-74.60.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-fips-7.2p2-74.60.1.x86_64"
},
"product_reference": "openssh-fips-7.2p2-74.60.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.2p2-74.60.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-helpers-7.2p2-74.60.1.aarch64"
},
"product_reference": "openssh-helpers-7.2p2-74.60.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.2p2-74.60.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-helpers-7.2p2-74.60.1.ppc64le"
},
"product_reference": "openssh-helpers-7.2p2-74.60.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.2p2-74.60.1.s390x as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-helpers-7.2p2-74.60.1.s390x"
},
"product_reference": "openssh-helpers-7.2p2-74.60.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.2p2-74.60.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-helpers-7.2p2-74.60.1.x86_64"
},
"product_reference": "openssh-helpers-7.2p2-74.60.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-7.2p2-74.60.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP3-BCL:openssh-7.2p2-74.60.1.x86_64"
},
"product_reference": "openssh-7.2p2-74.60.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-7.2p2-74.60.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP3-BCL:openssh-askpass-gnome-7.2p2-74.60.1.x86_64"
},
"product_reference": "openssh-askpass-gnome-7.2p2-74.60.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-7.2p2-74.60.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP3-BCL:openssh-fips-7.2p2-74.60.1.x86_64"
},
"product_reference": "openssh-fips-7.2p2-74.60.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-7.2p2-74.60.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP3-BCL:openssh-helpers-7.2p2-74.60.1.x86_64"
},
"product_reference": "openssh-helpers-7.2p2-74.60.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-BCL"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-41617",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-41617"
}
],
"notes": [
{
"category": "general",
"text": "sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:openssh-7.2p2-74.60.1.x86_64",
"HPE Helion OpenStack 8:openssh-askpass-gnome-7.2p2-74.60.1.x86_64",
"HPE Helion OpenStack 8:openssh-fips-7.2p2-74.60.1.x86_64",
"HPE Helion OpenStack 8:openssh-helpers-7.2p2-74.60.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:openssh-7.2p2-74.60.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:openssh-askpass-gnome-7.2p2-74.60.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:openssh-fips-7.2p2-74.60.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:openssh-helpers-7.2p2-74.60.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:openssh-7.2p2-74.60.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:openssh-askpass-gnome-7.2p2-74.60.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:openssh-fips-7.2p2-74.60.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:openssh-helpers-7.2p2-74.60.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-7.2p2-74.60.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-7.2p2-74.60.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-7.2p2-74.60.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-7.2p2-74.60.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-askpass-gnome-7.2p2-74.60.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-askpass-gnome-7.2p2-74.60.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-askpass-gnome-7.2p2-74.60.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-askpass-gnome-7.2p2-74.60.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-fips-7.2p2-74.60.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-fips-7.2p2-74.60.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-fips-7.2p2-74.60.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-fips-7.2p2-74.60.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-helpers-7.2p2-74.60.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-helpers-7.2p2-74.60.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-helpers-7.2p2-74.60.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-helpers-7.2p2-74.60.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.60.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.60.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.60.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.60.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.60.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.60.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.60.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.60.1.x86_64",
"SUSE OpenStack Cloud 8:openssh-7.2p2-74.60.1.x86_64",
"SUSE OpenStack Cloud 8:openssh-askpass-gnome-7.2p2-74.60.1.x86_64",
"SUSE OpenStack Cloud 8:openssh-fips-7.2p2-74.60.1.x86_64",
"SUSE OpenStack Cloud 8:openssh-helpers-7.2p2-74.60.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:openssh-7.2p2-74.60.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:openssh-askpass-gnome-7.2p2-74.60.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:openssh-fips-7.2p2-74.60.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:openssh-helpers-7.2p2-74.60.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-41617",
"url": "https://www.suse.com/security/cve/CVE-2021-41617"
},
{
"category": "external",
"summary": "SUSE Bug 1190975 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1190975"
},
{
"category": "external",
"summary": "SUSE Bug 1193497 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1193497"
},
{
"category": "external",
"summary": "SUSE Bug 1196721 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1196721"
},
{
"category": "external",
"summary": "SUSE Bug 1200782 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1200782"
},
{
"category": "external",
"summary": "SUSE Bug 1205056 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1205056"
},
{
"category": "external",
"summary": "SUSE Bug 1212247 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1212247"
},
{
"category": "external",
"summary": "SUSE Bug 1212281 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1212281"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:openssh-7.2p2-74.60.1.x86_64",
"HPE Helion OpenStack 8:openssh-askpass-gnome-7.2p2-74.60.1.x86_64",
"HPE Helion OpenStack 8:openssh-fips-7.2p2-74.60.1.x86_64",
"HPE Helion OpenStack 8:openssh-helpers-7.2p2-74.60.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:openssh-7.2p2-74.60.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:openssh-askpass-gnome-7.2p2-74.60.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:openssh-fips-7.2p2-74.60.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:openssh-helpers-7.2p2-74.60.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:openssh-7.2p2-74.60.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:openssh-askpass-gnome-7.2p2-74.60.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:openssh-fips-7.2p2-74.60.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:openssh-helpers-7.2p2-74.60.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-7.2p2-74.60.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-7.2p2-74.60.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-7.2p2-74.60.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-7.2p2-74.60.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-askpass-gnome-7.2p2-74.60.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-askpass-gnome-7.2p2-74.60.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-askpass-gnome-7.2p2-74.60.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-askpass-gnome-7.2p2-74.60.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-fips-7.2p2-74.60.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-fips-7.2p2-74.60.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-fips-7.2p2-74.60.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-fips-7.2p2-74.60.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-helpers-7.2p2-74.60.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-helpers-7.2p2-74.60.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-helpers-7.2p2-74.60.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-helpers-7.2p2-74.60.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.60.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.60.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.60.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.60.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.60.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.60.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.60.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.60.1.x86_64",
"SUSE OpenStack Cloud 8:openssh-7.2p2-74.60.1.x86_64",
"SUSE OpenStack Cloud 8:openssh-askpass-gnome-7.2p2-74.60.1.x86_64",
"SUSE OpenStack Cloud 8:openssh-fips-7.2p2-74.60.1.x86_64",
"SUSE OpenStack Cloud 8:openssh-helpers-7.2p2-74.60.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:openssh-7.2p2-74.60.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:openssh-askpass-gnome-7.2p2-74.60.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:openssh-fips-7.2p2-74.60.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:openssh-helpers-7.2p2-74.60.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"HPE Helion OpenStack 8:openssh-7.2p2-74.60.1.x86_64",
"HPE Helion OpenStack 8:openssh-askpass-gnome-7.2p2-74.60.1.x86_64",
"HPE Helion OpenStack 8:openssh-fips-7.2p2-74.60.1.x86_64",
"HPE Helion OpenStack 8:openssh-helpers-7.2p2-74.60.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:openssh-7.2p2-74.60.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:openssh-askpass-gnome-7.2p2-74.60.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:openssh-fips-7.2p2-74.60.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:openssh-helpers-7.2p2-74.60.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:openssh-7.2p2-74.60.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:openssh-askpass-gnome-7.2p2-74.60.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:openssh-fips-7.2p2-74.60.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:openssh-helpers-7.2p2-74.60.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-7.2p2-74.60.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-7.2p2-74.60.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-7.2p2-74.60.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-7.2p2-74.60.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-askpass-gnome-7.2p2-74.60.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-askpass-gnome-7.2p2-74.60.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-askpass-gnome-7.2p2-74.60.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-askpass-gnome-7.2p2-74.60.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-fips-7.2p2-74.60.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-fips-7.2p2-74.60.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-fips-7.2p2-74.60.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-fips-7.2p2-74.60.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-helpers-7.2p2-74.60.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-helpers-7.2p2-74.60.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-helpers-7.2p2-74.60.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:openssh-helpers-7.2p2-74.60.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.60.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-7.2p2-74.60.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.60.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-askpass-gnome-7.2p2-74.60.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.60.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-fips-7.2p2-74.60.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.60.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:openssh-helpers-7.2p2-74.60.1.x86_64",
"SUSE OpenStack Cloud 8:openssh-7.2p2-74.60.1.x86_64",
"SUSE OpenStack Cloud 8:openssh-askpass-gnome-7.2p2-74.60.1.x86_64",
"SUSE OpenStack Cloud 8:openssh-fips-7.2p2-74.60.1.x86_64",
"SUSE OpenStack Cloud 8:openssh-helpers-7.2p2-74.60.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:openssh-7.2p2-74.60.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:openssh-askpass-gnome-7.2p2-74.60.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:openssh-fips-7.2p2-74.60.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:openssh-helpers-7.2p2-74.60.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-12-06T14:00:13Z",
"details": "important"
}
],
"title": "CVE-2021-41617"
}
]
}
SUSE-SU-2021:14847-1
Vulnerability from csaf_suse - Published: 2021-12-01 15:55 - Updated: 2021-12-01 15:55Summary
Security update for openssh
Notes
Title of the patch
Security update for openssh
Description of the patch
This update for openssh fixes the following issues:
- CVE-2021-41617: Fixed privilege escalation when AuthorizedKeysCommand/AuthorizedPrincipalsCommand are configured (bsc#1190975).
Patchnames
slessp4-openssh-14847
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for openssh",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for openssh fixes the following issues:\n\n- CVE-2021-41617: Fixed privilege escalation when AuthorizedKeysCommand/AuthorizedPrincipalsCommand are configured (bsc#1190975).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "slessp4-openssh-14847",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_14847-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2021:14847-1",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-202114847-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2021:14847-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-December/009807.html"
},
{
"category": "self",
"summary": "SUSE Bug 1190975",
"url": "https://bugzilla.suse.com/1190975"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-41617 page",
"url": "https://www.suse.com/security/cve/CVE-2021-41617/"
}
],
"title": "Security update for openssh",
"tracking": {
"current_release_date": "2021-12-01T15:55:51Z",
"generator": {
"date": "2021-12-01T15:55:51Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2021:14847-1",
"initial_release_date": "2021-12-01T15:55:51Z",
"revision_history": [
{
"date": "2021-12-01T15:55:51Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "openssh-6.6p1-36.26.1.i586",
"product": {
"name": "openssh-6.6p1-36.26.1.i586",
"product_id": "openssh-6.6p1-36.26.1.i586"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-6.6p1-36.26.1.i586",
"product": {
"name": "openssh-askpass-gnome-6.6p1-36.26.1.i586",
"product_id": "openssh-askpass-gnome-6.6p1-36.26.1.i586"
}
},
{
"category": "product_version",
"name": "openssh-fips-6.6p1-36.26.1.i586",
"product": {
"name": "openssh-fips-6.6p1-36.26.1.i586",
"product_id": "openssh-fips-6.6p1-36.26.1.i586"
}
},
{
"category": "product_version",
"name": "openssh-helpers-6.6p1-36.26.1.i586",
"product": {
"name": "openssh-helpers-6.6p1-36.26.1.i586",
"product_id": "openssh-helpers-6.6p1-36.26.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-6.6p1-36.26.1.ppc64",
"product": {
"name": "openssh-6.6p1-36.26.1.ppc64",
"product_id": "openssh-6.6p1-36.26.1.ppc64"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-6.6p1-36.26.1.ppc64",
"product": {
"name": "openssh-askpass-gnome-6.6p1-36.26.1.ppc64",
"product_id": "openssh-askpass-gnome-6.6p1-36.26.1.ppc64"
}
},
{
"category": "product_version",
"name": "openssh-fips-6.6p1-36.26.1.ppc64",
"product": {
"name": "openssh-fips-6.6p1-36.26.1.ppc64",
"product_id": "openssh-fips-6.6p1-36.26.1.ppc64"
}
},
{
"category": "product_version",
"name": "openssh-helpers-6.6p1-36.26.1.ppc64",
"product": {
"name": "openssh-helpers-6.6p1-36.26.1.ppc64",
"product_id": "openssh-helpers-6.6p1-36.26.1.ppc64"
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-6.6p1-36.26.1.s390x",
"product": {
"name": "openssh-6.6p1-36.26.1.s390x",
"product_id": "openssh-6.6p1-36.26.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-6.6p1-36.26.1.s390x",
"product": {
"name": "openssh-askpass-gnome-6.6p1-36.26.1.s390x",
"product_id": "openssh-askpass-gnome-6.6p1-36.26.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-fips-6.6p1-36.26.1.s390x",
"product": {
"name": "openssh-fips-6.6p1-36.26.1.s390x",
"product_id": "openssh-fips-6.6p1-36.26.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-helpers-6.6p1-36.26.1.s390x",
"product": {
"name": "openssh-helpers-6.6p1-36.26.1.s390x",
"product_id": "openssh-helpers-6.6p1-36.26.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-6.6p1-36.26.1.x86_64",
"product": {
"name": "openssh-6.6p1-36.26.1.x86_64",
"product_id": "openssh-6.6p1-36.26.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-6.6p1-36.26.1.x86_64",
"product": {
"name": "openssh-askpass-gnome-6.6p1-36.26.1.x86_64",
"product_id": "openssh-askpass-gnome-6.6p1-36.26.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-fips-6.6p1-36.26.1.x86_64",
"product": {
"name": "openssh-fips-6.6p1-36.26.1.x86_64",
"product_id": "openssh-fips-6.6p1-36.26.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-helpers-6.6p1-36.26.1.x86_64",
"product": {
"name": "openssh-helpers-6.6p1-36.26.1.x86_64",
"product_id": "openssh-helpers-6.6p1-36.26.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sles:11:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-6.6p1-36.26.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-6.6p1-36.26.1.i586"
},
"product_reference": "openssh-6.6p1-36.26.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-6.6p1-36.26.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-6.6p1-36.26.1.ppc64"
},
"product_reference": "openssh-6.6p1-36.26.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-6.6p1-36.26.1.s390x as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-6.6p1-36.26.1.s390x"
},
"product_reference": "openssh-6.6p1-36.26.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-6.6p1-36.26.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-6.6p1-36.26.1.x86_64"
},
"product_reference": "openssh-6.6p1-36.26.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-6.6p1-36.26.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-askpass-gnome-6.6p1-36.26.1.i586"
},
"product_reference": "openssh-askpass-gnome-6.6p1-36.26.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-6.6p1-36.26.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-askpass-gnome-6.6p1-36.26.1.ppc64"
},
"product_reference": "openssh-askpass-gnome-6.6p1-36.26.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-6.6p1-36.26.1.s390x as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-askpass-gnome-6.6p1-36.26.1.s390x"
},
"product_reference": "openssh-askpass-gnome-6.6p1-36.26.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-6.6p1-36.26.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-askpass-gnome-6.6p1-36.26.1.x86_64"
},
"product_reference": "openssh-askpass-gnome-6.6p1-36.26.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-6.6p1-36.26.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-fips-6.6p1-36.26.1.i586"
},
"product_reference": "openssh-fips-6.6p1-36.26.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-6.6p1-36.26.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-fips-6.6p1-36.26.1.ppc64"
},
"product_reference": "openssh-fips-6.6p1-36.26.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-6.6p1-36.26.1.s390x as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-fips-6.6p1-36.26.1.s390x"
},
"product_reference": "openssh-fips-6.6p1-36.26.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-6.6p1-36.26.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-fips-6.6p1-36.26.1.x86_64"
},
"product_reference": "openssh-fips-6.6p1-36.26.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-6.6p1-36.26.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-helpers-6.6p1-36.26.1.i586"
},
"product_reference": "openssh-helpers-6.6p1-36.26.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-6.6p1-36.26.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-helpers-6.6p1-36.26.1.ppc64"
},
"product_reference": "openssh-helpers-6.6p1-36.26.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-6.6p1-36.26.1.s390x as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-helpers-6.6p1-36.26.1.s390x"
},
"product_reference": "openssh-helpers-6.6p1-36.26.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-6.6p1-36.26.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-helpers-6.6p1-36.26.1.x86_64"
},
"product_reference": "openssh-helpers-6.6p1-36.26.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-41617",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-41617"
}
],
"notes": [
{
"category": "general",
"text": "sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-6.6p1-36.26.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-6.6p1-36.26.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-6.6p1-36.26.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-6.6p1-36.26.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-askpass-gnome-6.6p1-36.26.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-askpass-gnome-6.6p1-36.26.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-askpass-gnome-6.6p1-36.26.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-askpass-gnome-6.6p1-36.26.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-fips-6.6p1-36.26.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-fips-6.6p1-36.26.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-fips-6.6p1-36.26.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-fips-6.6p1-36.26.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-helpers-6.6p1-36.26.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-helpers-6.6p1-36.26.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-helpers-6.6p1-36.26.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-helpers-6.6p1-36.26.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-41617",
"url": "https://www.suse.com/security/cve/CVE-2021-41617"
},
{
"category": "external",
"summary": "SUSE Bug 1190975 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1190975"
},
{
"category": "external",
"summary": "SUSE Bug 1193497 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1193497"
},
{
"category": "external",
"summary": "SUSE Bug 1196721 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1196721"
},
{
"category": "external",
"summary": "SUSE Bug 1200782 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1200782"
},
{
"category": "external",
"summary": "SUSE Bug 1205056 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1205056"
},
{
"category": "external",
"summary": "SUSE Bug 1212247 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1212247"
},
{
"category": "external",
"summary": "SUSE Bug 1212281 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1212281"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-6.6p1-36.26.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-6.6p1-36.26.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-6.6p1-36.26.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-6.6p1-36.26.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-askpass-gnome-6.6p1-36.26.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-askpass-gnome-6.6p1-36.26.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-askpass-gnome-6.6p1-36.26.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-askpass-gnome-6.6p1-36.26.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-fips-6.6p1-36.26.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-fips-6.6p1-36.26.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-fips-6.6p1-36.26.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-fips-6.6p1-36.26.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-helpers-6.6p1-36.26.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-helpers-6.6p1-36.26.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-helpers-6.6p1-36.26.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-helpers-6.6p1-36.26.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-6.6p1-36.26.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-6.6p1-36.26.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-6.6p1-36.26.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-6.6p1-36.26.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-askpass-gnome-6.6p1-36.26.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-askpass-gnome-6.6p1-36.26.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-askpass-gnome-6.6p1-36.26.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-askpass-gnome-6.6p1-36.26.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-fips-6.6p1-36.26.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-fips-6.6p1-36.26.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-fips-6.6p1-36.26.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-fips-6.6p1-36.26.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-helpers-6.6p1-36.26.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-helpers-6.6p1-36.26.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-helpers-6.6p1-36.26.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:openssh-helpers-6.6p1-36.26.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-12-01T15:55:51Z",
"details": "important"
}
],
"title": "CVE-2021-41617"
}
]
}
SUSE-SU-2021:3950-1
Vulnerability from csaf_suse - Published: 2021-12-06 13:59 - Updated: 2021-12-06 13:59Summary
Security update for openssh
Notes
Title of the patch
Security update for openssh
Description of the patch
This update for openssh fixes the following issues:
- CVE-2021-41617: Fixed privilege escalation when AuthorizedKeysCommand/AuthorizedPrincipalsCommand are configured (bsc#1190975).
Patchnames
SUSE-2021-3950,SUSE-SLE-Module-Basesystem-15-SP3-2021-3950,SUSE-SLE-Module-Desktop-Applications-15-SP3-2021-3950,SUSE-SLE-Module-Server-Applications-15-SP3-2021-3950,SUSE-SUSE-MicroOS-5.1-2021-3950
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for openssh",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for openssh fixes the following issues:\n\n- CVE-2021-41617: Fixed privilege escalation when AuthorizedKeysCommand/AuthorizedPrincipalsCommand are configured (bsc#1190975).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2021-3950,SUSE-SLE-Module-Basesystem-15-SP3-2021-3950,SUSE-SLE-Module-Desktop-Applications-15-SP3-2021-3950,SUSE-SLE-Module-Server-Applications-15-SP3-2021-3950,SUSE-SUSE-MicroOS-5.1-2021-3950",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_3950-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2021:3950-1",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20213950-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2021:3950-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-December/009857.html"
},
{
"category": "self",
"summary": "SUSE Bug 1190975",
"url": "https://bugzilla.suse.com/1190975"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-41617 page",
"url": "https://www.suse.com/security/cve/CVE-2021-41617/"
}
],
"title": "Security update for openssh",
"tracking": {
"current_release_date": "2021-12-06T13:59:58Z",
"generator": {
"date": "2021-12-06T13:59:58Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2021:3950-1",
"initial_release_date": "2021-12-06T13:59:58Z",
"revision_history": [
{
"date": "2021-12-06T13:59:58Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "openssh-8.4p1-3.6.1.aarch64",
"product": {
"name": "openssh-8.4p1-3.6.1.aarch64",
"product_id": "openssh-8.4p1-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-8.4p1-3.6.1.aarch64",
"product": {
"name": "openssh-askpass-gnome-8.4p1-3.6.1.aarch64",
"product_id": "openssh-askpass-gnome-8.4p1-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-cavs-8.4p1-3.6.1.aarch64",
"product": {
"name": "openssh-cavs-8.4p1-3.6.1.aarch64",
"product_id": "openssh-cavs-8.4p1-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-clients-8.4p1-3.6.1.aarch64",
"product": {
"name": "openssh-clients-8.4p1-3.6.1.aarch64",
"product_id": "openssh-clients-8.4p1-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-common-8.4p1-3.6.1.aarch64",
"product": {
"name": "openssh-common-8.4p1-3.6.1.aarch64",
"product_id": "openssh-common-8.4p1-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-fips-8.4p1-3.6.1.aarch64",
"product": {
"name": "openssh-fips-8.4p1-3.6.1.aarch64",
"product_id": "openssh-fips-8.4p1-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-helpers-8.4p1-3.6.1.aarch64",
"product": {
"name": "openssh-helpers-8.4p1-3.6.1.aarch64",
"product_id": "openssh-helpers-8.4p1-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-server-8.4p1-3.6.1.aarch64",
"product": {
"name": "openssh-server-8.4p1-3.6.1.aarch64",
"product_id": "openssh-server-8.4p1-3.6.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-8.4p1-3.6.1.i586",
"product": {
"name": "openssh-8.4p1-3.6.1.i586",
"product_id": "openssh-8.4p1-3.6.1.i586"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-8.4p1-3.6.1.i586",
"product": {
"name": "openssh-askpass-gnome-8.4p1-3.6.1.i586",
"product_id": "openssh-askpass-gnome-8.4p1-3.6.1.i586"
}
},
{
"category": "product_version",
"name": "openssh-cavs-8.4p1-3.6.1.i586",
"product": {
"name": "openssh-cavs-8.4p1-3.6.1.i586",
"product_id": "openssh-cavs-8.4p1-3.6.1.i586"
}
},
{
"category": "product_version",
"name": "openssh-clients-8.4p1-3.6.1.i586",
"product": {
"name": "openssh-clients-8.4p1-3.6.1.i586",
"product_id": "openssh-clients-8.4p1-3.6.1.i586"
}
},
{
"category": "product_version",
"name": "openssh-common-8.4p1-3.6.1.i586",
"product": {
"name": "openssh-common-8.4p1-3.6.1.i586",
"product_id": "openssh-common-8.4p1-3.6.1.i586"
}
},
{
"category": "product_version",
"name": "openssh-fips-8.4p1-3.6.1.i586",
"product": {
"name": "openssh-fips-8.4p1-3.6.1.i586",
"product_id": "openssh-fips-8.4p1-3.6.1.i586"
}
},
{
"category": "product_version",
"name": "openssh-helpers-8.4p1-3.6.1.i586",
"product": {
"name": "openssh-helpers-8.4p1-3.6.1.i586",
"product_id": "openssh-helpers-8.4p1-3.6.1.i586"
}
},
{
"category": "product_version",
"name": "openssh-server-8.4p1-3.6.1.i586",
"product": {
"name": "openssh-server-8.4p1-3.6.1.i586",
"product_id": "openssh-server-8.4p1-3.6.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-8.4p1-3.6.1.ppc64le",
"product": {
"name": "openssh-8.4p1-3.6.1.ppc64le",
"product_id": "openssh-8.4p1-3.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-8.4p1-3.6.1.ppc64le",
"product": {
"name": "openssh-askpass-gnome-8.4p1-3.6.1.ppc64le",
"product_id": "openssh-askpass-gnome-8.4p1-3.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-cavs-8.4p1-3.6.1.ppc64le",
"product": {
"name": "openssh-cavs-8.4p1-3.6.1.ppc64le",
"product_id": "openssh-cavs-8.4p1-3.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-clients-8.4p1-3.6.1.ppc64le",
"product": {
"name": "openssh-clients-8.4p1-3.6.1.ppc64le",
"product_id": "openssh-clients-8.4p1-3.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-common-8.4p1-3.6.1.ppc64le",
"product": {
"name": "openssh-common-8.4p1-3.6.1.ppc64le",
"product_id": "openssh-common-8.4p1-3.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-fips-8.4p1-3.6.1.ppc64le",
"product": {
"name": "openssh-fips-8.4p1-3.6.1.ppc64le",
"product_id": "openssh-fips-8.4p1-3.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-helpers-8.4p1-3.6.1.ppc64le",
"product": {
"name": "openssh-helpers-8.4p1-3.6.1.ppc64le",
"product_id": "openssh-helpers-8.4p1-3.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-server-8.4p1-3.6.1.ppc64le",
"product": {
"name": "openssh-server-8.4p1-3.6.1.ppc64le",
"product_id": "openssh-server-8.4p1-3.6.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-8.4p1-3.6.1.s390x",
"product": {
"name": "openssh-8.4p1-3.6.1.s390x",
"product_id": "openssh-8.4p1-3.6.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-8.4p1-3.6.1.s390x",
"product": {
"name": "openssh-askpass-gnome-8.4p1-3.6.1.s390x",
"product_id": "openssh-askpass-gnome-8.4p1-3.6.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-cavs-8.4p1-3.6.1.s390x",
"product": {
"name": "openssh-cavs-8.4p1-3.6.1.s390x",
"product_id": "openssh-cavs-8.4p1-3.6.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-clients-8.4p1-3.6.1.s390x",
"product": {
"name": "openssh-clients-8.4p1-3.6.1.s390x",
"product_id": "openssh-clients-8.4p1-3.6.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-common-8.4p1-3.6.1.s390x",
"product": {
"name": "openssh-common-8.4p1-3.6.1.s390x",
"product_id": "openssh-common-8.4p1-3.6.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-fips-8.4p1-3.6.1.s390x",
"product": {
"name": "openssh-fips-8.4p1-3.6.1.s390x",
"product_id": "openssh-fips-8.4p1-3.6.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-helpers-8.4p1-3.6.1.s390x",
"product": {
"name": "openssh-helpers-8.4p1-3.6.1.s390x",
"product_id": "openssh-helpers-8.4p1-3.6.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-server-8.4p1-3.6.1.s390x",
"product": {
"name": "openssh-server-8.4p1-3.6.1.s390x",
"product_id": "openssh-server-8.4p1-3.6.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-8.4p1-3.6.1.x86_64",
"product": {
"name": "openssh-8.4p1-3.6.1.x86_64",
"product_id": "openssh-8.4p1-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-8.4p1-3.6.1.x86_64",
"product": {
"name": "openssh-askpass-gnome-8.4p1-3.6.1.x86_64",
"product_id": "openssh-askpass-gnome-8.4p1-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-cavs-8.4p1-3.6.1.x86_64",
"product": {
"name": "openssh-cavs-8.4p1-3.6.1.x86_64",
"product_id": "openssh-cavs-8.4p1-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-clients-8.4p1-3.6.1.x86_64",
"product": {
"name": "openssh-clients-8.4p1-3.6.1.x86_64",
"product_id": "openssh-clients-8.4p1-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-common-8.4p1-3.6.1.x86_64",
"product": {
"name": "openssh-common-8.4p1-3.6.1.x86_64",
"product_id": "openssh-common-8.4p1-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-fips-8.4p1-3.6.1.x86_64",
"product": {
"name": "openssh-fips-8.4p1-3.6.1.x86_64",
"product_id": "openssh-fips-8.4p1-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-helpers-8.4p1-3.6.1.x86_64",
"product": {
"name": "openssh-helpers-8.4p1-3.6.1.x86_64",
"product_id": "openssh-helpers-8.4p1-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-server-8.4p1-3.6.1.x86_64",
"product": {
"name": "openssh-server-8.4p1-3.6.1.x86_64",
"product_id": "openssh-server-8.4p1-3.6.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Desktop Applications 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Module for Desktop Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-desktop-applications:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Server Applications 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Module for Server Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-server-applications:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.1",
"product": {
"name": "SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-microos:5.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-8.4p1-3.6.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-8.4p1-3.6.1.aarch64"
},
"product_reference": "openssh-8.4p1-3.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-8.4p1-3.6.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-8.4p1-3.6.1.ppc64le"
},
"product_reference": "openssh-8.4p1-3.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-8.4p1-3.6.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-8.4p1-3.6.1.s390x"
},
"product_reference": "openssh-8.4p1-3.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-8.4p1-3.6.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-8.4p1-3.6.1.x86_64"
},
"product_reference": "openssh-8.4p1-3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-8.4p1-3.6.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-clients-8.4p1-3.6.1.aarch64"
},
"product_reference": "openssh-clients-8.4p1-3.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-8.4p1-3.6.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-clients-8.4p1-3.6.1.ppc64le"
},
"product_reference": "openssh-clients-8.4p1-3.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-8.4p1-3.6.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-clients-8.4p1-3.6.1.s390x"
},
"product_reference": "openssh-clients-8.4p1-3.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-8.4p1-3.6.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-clients-8.4p1-3.6.1.x86_64"
},
"product_reference": "openssh-clients-8.4p1-3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-common-8.4p1-3.6.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-common-8.4p1-3.6.1.aarch64"
},
"product_reference": "openssh-common-8.4p1-3.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-common-8.4p1-3.6.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-common-8.4p1-3.6.1.ppc64le"
},
"product_reference": "openssh-common-8.4p1-3.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-common-8.4p1-3.6.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-common-8.4p1-3.6.1.s390x"
},
"product_reference": "openssh-common-8.4p1-3.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-common-8.4p1-3.6.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-common-8.4p1-3.6.1.x86_64"
},
"product_reference": "openssh-common-8.4p1-3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-8.4p1-3.6.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-fips-8.4p1-3.6.1.aarch64"
},
"product_reference": "openssh-fips-8.4p1-3.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-8.4p1-3.6.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-fips-8.4p1-3.6.1.ppc64le"
},
"product_reference": "openssh-fips-8.4p1-3.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-8.4p1-3.6.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-fips-8.4p1-3.6.1.s390x"
},
"product_reference": "openssh-fips-8.4p1-3.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-8.4p1-3.6.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-fips-8.4p1-3.6.1.x86_64"
},
"product_reference": "openssh-fips-8.4p1-3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-8.4p1-3.6.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-helpers-8.4p1-3.6.1.aarch64"
},
"product_reference": "openssh-helpers-8.4p1-3.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-8.4p1-3.6.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-helpers-8.4p1-3.6.1.ppc64le"
},
"product_reference": "openssh-helpers-8.4p1-3.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-8.4p1-3.6.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-helpers-8.4p1-3.6.1.s390x"
},
"product_reference": "openssh-helpers-8.4p1-3.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-8.4p1-3.6.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-helpers-8.4p1-3.6.1.x86_64"
},
"product_reference": "openssh-helpers-8.4p1-3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-8.4p1-3.6.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-server-8.4p1-3.6.1.aarch64"
},
"product_reference": "openssh-server-8.4p1-3.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-8.4p1-3.6.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-server-8.4p1-3.6.1.ppc64le"
},
"product_reference": "openssh-server-8.4p1-3.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-8.4p1-3.6.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-server-8.4p1-3.6.1.s390x"
},
"product_reference": "openssh-server-8.4p1-3.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-8.4p1-3.6.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-server-8.4p1-3.6.1.x86_64"
},
"product_reference": "openssh-server-8.4p1-3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-8.4p1-3.6.1.aarch64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP3:openssh-askpass-gnome-8.4p1-3.6.1.aarch64"
},
"product_reference": "openssh-askpass-gnome-8.4p1-3.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-8.4p1-3.6.1.ppc64le as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP3:openssh-askpass-gnome-8.4p1-3.6.1.ppc64le"
},
"product_reference": "openssh-askpass-gnome-8.4p1-3.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-8.4p1-3.6.1.s390x as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP3:openssh-askpass-gnome-8.4p1-3.6.1.s390x"
},
"product_reference": "openssh-askpass-gnome-8.4p1-3.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-8.4p1-3.6.1.x86_64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP3:openssh-askpass-gnome-8.4p1-3.6.1.x86_64"
},
"product_reference": "openssh-askpass-gnome-8.4p1-3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-8.4p1-3.6.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP3:openssh-fips-8.4p1-3.6.1.aarch64"
},
"product_reference": "openssh-fips-8.4p1-3.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-8.4p1-3.6.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP3:openssh-fips-8.4p1-3.6.1.ppc64le"
},
"product_reference": "openssh-fips-8.4p1-3.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-8.4p1-3.6.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP3:openssh-fips-8.4p1-3.6.1.s390x"
},
"product_reference": "openssh-fips-8.4p1-3.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-8.4p1-3.6.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP3:openssh-fips-8.4p1-3.6.1.x86_64"
},
"product_reference": "openssh-fips-8.4p1-3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-8.4p1-3.6.1.aarch64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:openssh-8.4p1-3.6.1.aarch64"
},
"product_reference": "openssh-8.4p1-3.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-8.4p1-3.6.1.s390x as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:openssh-8.4p1-3.6.1.s390x"
},
"product_reference": "openssh-8.4p1-3.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-8.4p1-3.6.1.x86_64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:openssh-8.4p1-3.6.1.x86_64"
},
"product_reference": "openssh-8.4p1-3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-8.4p1-3.6.1.aarch64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:openssh-clients-8.4p1-3.6.1.aarch64"
},
"product_reference": "openssh-clients-8.4p1-3.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-8.4p1-3.6.1.s390x as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:openssh-clients-8.4p1-3.6.1.s390x"
},
"product_reference": "openssh-clients-8.4p1-3.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-8.4p1-3.6.1.x86_64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:openssh-clients-8.4p1-3.6.1.x86_64"
},
"product_reference": "openssh-clients-8.4p1-3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-common-8.4p1-3.6.1.aarch64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:openssh-common-8.4p1-3.6.1.aarch64"
},
"product_reference": "openssh-common-8.4p1-3.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-common-8.4p1-3.6.1.s390x as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:openssh-common-8.4p1-3.6.1.s390x"
},
"product_reference": "openssh-common-8.4p1-3.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-common-8.4p1-3.6.1.x86_64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:openssh-common-8.4p1-3.6.1.x86_64"
},
"product_reference": "openssh-common-8.4p1-3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-8.4p1-3.6.1.aarch64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:openssh-fips-8.4p1-3.6.1.aarch64"
},
"product_reference": "openssh-fips-8.4p1-3.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-8.4p1-3.6.1.s390x as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:openssh-fips-8.4p1-3.6.1.s390x"
},
"product_reference": "openssh-fips-8.4p1-3.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-8.4p1-3.6.1.x86_64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:openssh-fips-8.4p1-3.6.1.x86_64"
},
"product_reference": "openssh-fips-8.4p1-3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-8.4p1-3.6.1.aarch64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:openssh-server-8.4p1-3.6.1.aarch64"
},
"product_reference": "openssh-server-8.4p1-3.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-8.4p1-3.6.1.s390x as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:openssh-server-8.4p1-3.6.1.s390x"
},
"product_reference": "openssh-server-8.4p1-3.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-8.4p1-3.6.1.x86_64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:openssh-server-8.4p1-3.6.1.x86_64"
},
"product_reference": "openssh-server-8.4p1-3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-41617",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-41617"
}
],
"notes": [
{
"category": "general",
"text": "sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:openssh-8.4p1-3.6.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:openssh-8.4p1-3.6.1.s390x",
"SUSE Linux Enterprise Micro 5.1:openssh-8.4p1-3.6.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:openssh-clients-8.4p1-3.6.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:openssh-clients-8.4p1-3.6.1.s390x",
"SUSE Linux Enterprise Micro 5.1:openssh-clients-8.4p1-3.6.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:openssh-common-8.4p1-3.6.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:openssh-common-8.4p1-3.6.1.s390x",
"SUSE Linux Enterprise Micro 5.1:openssh-common-8.4p1-3.6.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:openssh-fips-8.4p1-3.6.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:openssh-fips-8.4p1-3.6.1.s390x",
"SUSE Linux Enterprise Micro 5.1:openssh-fips-8.4p1-3.6.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:openssh-server-8.4p1-3.6.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:openssh-server-8.4p1-3.6.1.s390x",
"SUSE Linux Enterprise Micro 5.1:openssh-server-8.4p1-3.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-8.4p1-3.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-8.4p1-3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-8.4p1-3.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-8.4p1-3.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-clients-8.4p1-3.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-clients-8.4p1-3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-clients-8.4p1-3.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-clients-8.4p1-3.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-common-8.4p1-3.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-common-8.4p1-3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-common-8.4p1-3.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-common-8.4p1-3.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-fips-8.4p1-3.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-fips-8.4p1-3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-fips-8.4p1-3.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-fips-8.4p1-3.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-helpers-8.4p1-3.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-helpers-8.4p1-3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-helpers-8.4p1-3.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-helpers-8.4p1-3.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-server-8.4p1-3.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-server-8.4p1-3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-server-8.4p1-3.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-server-8.4p1-3.6.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP3:openssh-askpass-gnome-8.4p1-3.6.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP3:openssh-askpass-gnome-8.4p1-3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP3:openssh-askpass-gnome-8.4p1-3.6.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP3:openssh-askpass-gnome-8.4p1-3.6.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:openssh-fips-8.4p1-3.6.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:openssh-fips-8.4p1-3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:openssh-fips-8.4p1-3.6.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:openssh-fips-8.4p1-3.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-41617",
"url": "https://www.suse.com/security/cve/CVE-2021-41617"
},
{
"category": "external",
"summary": "SUSE Bug 1190975 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1190975"
},
{
"category": "external",
"summary": "SUSE Bug 1193497 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1193497"
},
{
"category": "external",
"summary": "SUSE Bug 1196721 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1196721"
},
{
"category": "external",
"summary": "SUSE Bug 1200782 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1200782"
},
{
"category": "external",
"summary": "SUSE Bug 1205056 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1205056"
},
{
"category": "external",
"summary": "SUSE Bug 1212247 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1212247"
},
{
"category": "external",
"summary": "SUSE Bug 1212281 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1212281"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:openssh-8.4p1-3.6.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:openssh-8.4p1-3.6.1.s390x",
"SUSE Linux Enterprise Micro 5.1:openssh-8.4p1-3.6.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:openssh-clients-8.4p1-3.6.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:openssh-clients-8.4p1-3.6.1.s390x",
"SUSE Linux Enterprise Micro 5.1:openssh-clients-8.4p1-3.6.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:openssh-common-8.4p1-3.6.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:openssh-common-8.4p1-3.6.1.s390x",
"SUSE Linux Enterprise Micro 5.1:openssh-common-8.4p1-3.6.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:openssh-fips-8.4p1-3.6.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:openssh-fips-8.4p1-3.6.1.s390x",
"SUSE Linux Enterprise Micro 5.1:openssh-fips-8.4p1-3.6.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:openssh-server-8.4p1-3.6.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:openssh-server-8.4p1-3.6.1.s390x",
"SUSE Linux Enterprise Micro 5.1:openssh-server-8.4p1-3.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-8.4p1-3.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-8.4p1-3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-8.4p1-3.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-8.4p1-3.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-clients-8.4p1-3.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-clients-8.4p1-3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-clients-8.4p1-3.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-clients-8.4p1-3.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-common-8.4p1-3.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-common-8.4p1-3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-common-8.4p1-3.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-common-8.4p1-3.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-fips-8.4p1-3.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-fips-8.4p1-3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-fips-8.4p1-3.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-fips-8.4p1-3.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-helpers-8.4p1-3.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-helpers-8.4p1-3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-helpers-8.4p1-3.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-helpers-8.4p1-3.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-server-8.4p1-3.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-server-8.4p1-3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-server-8.4p1-3.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-server-8.4p1-3.6.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP3:openssh-askpass-gnome-8.4p1-3.6.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP3:openssh-askpass-gnome-8.4p1-3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP3:openssh-askpass-gnome-8.4p1-3.6.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP3:openssh-askpass-gnome-8.4p1-3.6.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:openssh-fips-8.4p1-3.6.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:openssh-fips-8.4p1-3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:openssh-fips-8.4p1-3.6.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:openssh-fips-8.4p1-3.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:openssh-8.4p1-3.6.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:openssh-8.4p1-3.6.1.s390x",
"SUSE Linux Enterprise Micro 5.1:openssh-8.4p1-3.6.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:openssh-clients-8.4p1-3.6.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:openssh-clients-8.4p1-3.6.1.s390x",
"SUSE Linux Enterprise Micro 5.1:openssh-clients-8.4p1-3.6.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:openssh-common-8.4p1-3.6.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:openssh-common-8.4p1-3.6.1.s390x",
"SUSE Linux Enterprise Micro 5.1:openssh-common-8.4p1-3.6.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:openssh-fips-8.4p1-3.6.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:openssh-fips-8.4p1-3.6.1.s390x",
"SUSE Linux Enterprise Micro 5.1:openssh-fips-8.4p1-3.6.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:openssh-server-8.4p1-3.6.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:openssh-server-8.4p1-3.6.1.s390x",
"SUSE Linux Enterprise Micro 5.1:openssh-server-8.4p1-3.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-8.4p1-3.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-8.4p1-3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-8.4p1-3.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-8.4p1-3.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-clients-8.4p1-3.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-clients-8.4p1-3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-clients-8.4p1-3.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-clients-8.4p1-3.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-common-8.4p1-3.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-common-8.4p1-3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-common-8.4p1-3.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-common-8.4p1-3.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-fips-8.4p1-3.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-fips-8.4p1-3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-fips-8.4p1-3.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-fips-8.4p1-3.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-helpers-8.4p1-3.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-helpers-8.4p1-3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-helpers-8.4p1-3.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-helpers-8.4p1-3.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-server-8.4p1-3.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-server-8.4p1-3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-server-8.4p1-3.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:openssh-server-8.4p1-3.6.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP3:openssh-askpass-gnome-8.4p1-3.6.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP3:openssh-askpass-gnome-8.4p1-3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP3:openssh-askpass-gnome-8.4p1-3.6.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP3:openssh-askpass-gnome-8.4p1-3.6.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:openssh-fips-8.4p1-3.6.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:openssh-fips-8.4p1-3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:openssh-fips-8.4p1-3.6.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:openssh-fips-8.4p1-3.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-12-06T13:59:58Z",
"details": "important"
}
],
"title": "CVE-2021-41617"
}
]
}
WID-SEC-W-2023-0426
Vulnerability from csaf_certbund - Published: 2022-03-13 23:00 - Updated: 2025-01-06 23:00Summary
IBM Spectrum Protect: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
IBM Spectrum Protect ist eine zentralisierte Backuplösung für Systeme im Netzwerk.
Angriff
Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in IBM Spectrum Protect ausnutzen, um einen 'Denial of Service'-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, einen 'Cross-Site-Scripting'-Angriff durchzuführen, beliebigen Code auszuführen, sensible Informationen offenzulegen und seine Privilegien zu erweitern.
Betroffene Betriebssysteme
- Linux
- Sonstiges
- Windows
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "IBM Spectrum Protect ist eine zentralisierte Backupl\u00f6sung f\u00fcr Systeme im Netzwerk.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in IBM Spectrum Protect ausnutzen, um einen \u0027Denial of Service\u0027-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen \u0027Cross-Site-Scripting\u0027-Angriff durchzuf\u00fchren, beliebigen Code auszuf\u00fchren, sensible Informationen offenzulegen und seine Privilegien zu erweitern.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-0426 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2023-0426.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-0426 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0426"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2022-03-13",
"url": "https://www.ibm.com/support/pages/node/6562989"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2022-03-13",
"url": "https://www.ibm.com/support/pages/node/6562383"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2022-03-13",
"url": "https://www.ibm.com/support/pages/node/6562855"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2022-03-13",
"url": "https://www.ibm.com/support/pages/node/6562401"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2022-03-13",
"url": "https://www.ibm.com/support/pages/node/6562919"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2022-03-13",
"url": "https://www.ibm.com/support/pages/node/6562873"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2022-03-13",
"url": "https://www.ibm.com/support/pages/node/6562843"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2022-03-13",
"url": "https://www.ibm.com/support/pages/node/6562405"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6956658 vom 2023-02-18",
"url": "https://www.ibm.com/support/pages/node/6956658"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7180361 vom 2025-01-07",
"url": "https://www.ibm.com/support/pages/node/7180361"
}
],
"source_lang": "en-US",
"title": "IBM Spectrum Protect: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-01-06T23:00:00.000+00:00",
"generator": {
"date": "2025-01-07T11:48:17.558+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.10"
}
},
"id": "WID-SEC-W-2023-0426",
"initial_release_date": "2022-03-13T23:00:00.000+00:00",
"revision_history": [
{
"date": "2022-03-13T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2023-02-19T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-01-06T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von IBM aufgenommen"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "7.6.1.2",
"product": {
"name": "IBM Maximo Asset Management 7.6.1.2",
"product_id": "T026420",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:maximo_asset_management:7.6.1.2"
}
}
},
{
"category": "product_version",
"name": "7.6.1.3",
"product": {
"name": "IBM Maximo Asset Management 7.6.1.3",
"product_id": "T026421",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:maximo_asset_management:7.6.1.3"
}
}
}
],
"category": "product_name",
"name": "Maximo Asset Management"
},
{
"category": "product_name",
"name": "IBM Spectrum Protect",
"product": {
"name": "IBM Spectrum Protect",
"product_id": "T013661",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spectrum_protect:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.1.6.4",
"product": {
"name": "IBM Spectrum Protect Plus \u003c10.1.6.4",
"product_id": "T040030"
}
},
{
"category": "product_version",
"name": "10.1.6.4",
"product": {
"name": "IBM Spectrum Protect Plus 10.1.6.4",
"product_id": "T040030-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spectrum_protect_plus:10.1.6.4"
}
}
}
],
"category": "product_name",
"name": "Spectrum Protect Plus"
}
],
"category": "vendor",
"name": "IBM"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-20373",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten PostgreSQL, Apache Commons Compress, Operations Center, Celery, Golang Go, Python, Db2, Java SE, Polkit, Node.js, OpenSSH und Flask. Ein entfernter anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen \u0027Denial of Service\u0027-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen \u0027Cross-Site-Scripting\u0027-Angriff durchzuf\u00fchren, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T040030",
"T013661",
"T026421",
"T026420"
]
},
"release_date": "2022-03-13T23:00:00.000+00:00",
"title": "CVE-2021-20373"
},
{
"cve": "CVE-2021-23222",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten PostgreSQL, Apache Commons Compress, Operations Center, Celery, Golang Go, Python, Db2, Java SE, Polkit, Node.js, OpenSSH und Flask. Ein entfernter anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen \u0027Denial of Service\u0027-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen \u0027Cross-Site-Scripting\u0027-Angriff durchzuf\u00fchren, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T040030",
"T013661",
"T026421",
"T026420"
]
},
"release_date": "2022-03-13T23:00:00.000+00:00",
"title": "CVE-2021-23222"
},
{
"cve": "CVE-2021-23727",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten PostgreSQL, Apache Commons Compress, Operations Center, Celery, Golang Go, Python, Db2, Java SE, Polkit, Node.js, OpenSSH und Flask. Ein entfernter anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen \u0027Denial of Service\u0027-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen \u0027Cross-Site-Scripting\u0027-Angriff durchzuf\u00fchren, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T040030",
"T013661",
"T026421",
"T026420"
]
},
"release_date": "2022-03-13T23:00:00.000+00:00",
"title": "CVE-2021-23727"
},
{
"cve": "CVE-2021-29678",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten PostgreSQL, Apache Commons Compress, Operations Center, Celery, Golang Go, Python, Db2, Java SE, Polkit, Node.js, OpenSSH und Flask. Ein entfernter anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen \u0027Denial of Service\u0027-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen \u0027Cross-Site-Scripting\u0027-Angriff durchzuf\u00fchren, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T040030",
"T013661",
"T026421",
"T026420"
]
},
"release_date": "2022-03-13T23:00:00.000+00:00",
"title": "CVE-2021-29678"
},
{
"cve": "CVE-2021-33026",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten PostgreSQL, Apache Commons Compress, Operations Center, Celery, Golang Go, Python, Db2, Java SE, Polkit, Node.js, OpenSSH und Flask. Ein entfernter anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen \u0027Denial of Service\u0027-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen \u0027Cross-Site-Scripting\u0027-Angriff durchzuf\u00fchren, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T040030",
"T013661",
"T026421",
"T026420"
]
},
"release_date": "2022-03-13T23:00:00.000+00:00",
"title": "CVE-2021-33026"
},
{
"cve": "CVE-2021-35517",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten PostgreSQL, Apache Commons Compress, Operations Center, Celery, Golang Go, Python, Db2, Java SE, Polkit, Node.js, OpenSSH und Flask. Ein entfernter anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen \u0027Denial of Service\u0027-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen \u0027Cross-Site-Scripting\u0027-Angriff durchzuf\u00fchren, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T040030",
"T013661",
"T026421",
"T026420"
]
},
"release_date": "2022-03-13T23:00:00.000+00:00",
"title": "CVE-2021-35517"
},
{
"cve": "CVE-2021-35578",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten PostgreSQL, Apache Commons Compress, Operations Center, Celery, Golang Go, Python, Db2, Java SE, Polkit, Node.js, OpenSSH und Flask. Ein entfernter anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen \u0027Denial of Service\u0027-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen \u0027Cross-Site-Scripting\u0027-Angriff durchzuf\u00fchren, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T040030",
"T013661",
"T026421",
"T026420"
]
},
"release_date": "2022-03-13T23:00:00.000+00:00",
"title": "CVE-2021-35578"
},
{
"cve": "CVE-2021-36090",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten PostgreSQL, Apache Commons Compress, Operations Center, Celery, Golang Go, Python, Db2, Java SE, Polkit, Node.js, OpenSSH und Flask. Ein entfernter anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen \u0027Denial of Service\u0027-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen \u0027Cross-Site-Scripting\u0027-Angriff durchzuf\u00fchren, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T040030",
"T013661",
"T026421",
"T026420"
]
},
"release_date": "2022-03-13T23:00:00.000+00:00",
"title": "CVE-2021-36090"
},
{
"cve": "CVE-2021-38926",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten PostgreSQL, Apache Commons Compress, Operations Center, Celery, Golang Go, Python, Db2, Java SE, Polkit, Node.js, OpenSSH und Flask. Ein entfernter anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen \u0027Denial of Service\u0027-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen \u0027Cross-Site-Scripting\u0027-Angriff durchzuf\u00fchren, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T040030",
"T013661",
"T026421",
"T026420"
]
},
"release_date": "2022-03-13T23:00:00.000+00:00",
"title": "CVE-2021-38926"
},
{
"cve": "CVE-2021-38931",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten PostgreSQL, Apache Commons Compress, Operations Center, Celery, Golang Go, Python, Db2, Java SE, Polkit, Node.js, OpenSSH und Flask. Ein entfernter anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen \u0027Denial of Service\u0027-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen \u0027Cross-Site-Scripting\u0027-Angriff durchzuf\u00fchren, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T040030",
"T013661",
"T026421",
"T026420"
]
},
"release_date": "2022-03-13T23:00:00.000+00:00",
"title": "CVE-2021-38931"
},
{
"cve": "CVE-2021-39002",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten PostgreSQL, Apache Commons Compress, Operations Center, Celery, Golang Go, Python, Db2, Java SE, Polkit, Node.js, OpenSSH und Flask. Ein entfernter anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen \u0027Denial of Service\u0027-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen \u0027Cross-Site-Scripting\u0027-Angriff durchzuf\u00fchren, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T040030",
"T013661",
"T026421",
"T026420"
]
},
"release_date": "2022-03-13T23:00:00.000+00:00",
"title": "CVE-2021-39002"
},
{
"cve": "CVE-2021-4034",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten PostgreSQL, Apache Commons Compress, Operations Center, Celery, Golang Go, Python, Db2, Java SE, Polkit, Node.js, OpenSSH und Flask. Ein entfernter anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen \u0027Denial of Service\u0027-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen \u0027Cross-Site-Scripting\u0027-Angriff durchzuf\u00fchren, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T040030",
"T013661",
"T026421",
"T026420"
]
},
"release_date": "2022-03-13T23:00:00.000+00:00",
"title": "CVE-2021-4034"
},
{
"cve": "CVE-2021-41617",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten PostgreSQL, Apache Commons Compress, Operations Center, Celery, Golang Go, Python, Db2, Java SE, Polkit, Node.js, OpenSSH und Flask. Ein entfernter anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen \u0027Denial of Service\u0027-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen \u0027Cross-Site-Scripting\u0027-Angriff durchzuf\u00fchren, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T040030",
"T013661",
"T026421",
"T026420"
]
},
"release_date": "2022-03-13T23:00:00.000+00:00",
"title": "CVE-2021-41617"
},
{
"cve": "CVE-2021-44716",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten PostgreSQL, Apache Commons Compress, Operations Center, Celery, Golang Go, Python, Db2, Java SE, Polkit, Node.js, OpenSSH und Flask. Ein entfernter anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen \u0027Denial of Service\u0027-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen \u0027Cross-Site-Scripting\u0027-Angriff durchzuf\u00fchren, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T040030",
"T013661",
"T026421",
"T026420"
]
},
"release_date": "2022-03-13T23:00:00.000+00:00",
"title": "CVE-2021-44716"
},
{
"cve": "CVE-2021-44717",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten PostgreSQL, Apache Commons Compress, Operations Center, Celery, Golang Go, Python, Db2, Java SE, Polkit, Node.js, OpenSSH und Flask. Ein entfernter anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen \u0027Denial of Service\u0027-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen \u0027Cross-Site-Scripting\u0027-Angriff durchzuf\u00fchren, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T040030",
"T013661",
"T026421",
"T026420"
]
},
"release_date": "2022-03-13T23:00:00.000+00:00",
"title": "CVE-2021-44717"
},
{
"cve": "CVE-2022-0235",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten PostgreSQL, Apache Commons Compress, Operations Center, Celery, Golang Go, Python, Db2, Java SE, Polkit, Node.js, OpenSSH und Flask. Ein entfernter anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen \u0027Denial of Service\u0027-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen \u0027Cross-Site-Scripting\u0027-Angriff durchzuf\u00fchren, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T040030",
"T013661",
"T026421",
"T026420"
]
},
"release_date": "2022-03-13T23:00:00.000+00:00",
"title": "CVE-2022-0235"
},
{
"cve": "CVE-2022-0391",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten PostgreSQL, Apache Commons Compress, Operations Center, Celery, Golang Go, Python, Db2, Java SE, Polkit, Node.js, OpenSSH und Flask. Ein entfernter anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen \u0027Denial of Service\u0027-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen \u0027Cross-Site-Scripting\u0027-Angriff durchzuf\u00fchren, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T040030",
"T013661",
"T026421",
"T026420"
]
},
"release_date": "2022-03-13T23:00:00.000+00:00",
"title": "CVE-2022-0391"
},
{
"cve": "CVE-2022-21680",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten PostgreSQL, Apache Commons Compress, Operations Center, Celery, Golang Go, Python, Db2, Java SE, Polkit, Node.js, OpenSSH und Flask. Ein entfernter anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen \u0027Denial of Service\u0027-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen \u0027Cross-Site-Scripting\u0027-Angriff durchzuf\u00fchren, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T040030",
"T013661",
"T026421",
"T026420"
]
},
"release_date": "2022-03-13T23:00:00.000+00:00",
"title": "CVE-2022-21680"
},
{
"cve": "CVE-2022-21681",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten PostgreSQL, Apache Commons Compress, Operations Center, Celery, Golang Go, Python, Db2, Java SE, Polkit, Node.js, OpenSSH und Flask. Ein entfernter anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen \u0027Denial of Service\u0027-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen \u0027Cross-Site-Scripting\u0027-Angriff durchzuf\u00fchren, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T040030",
"T013661",
"T026421",
"T026420"
]
},
"release_date": "2022-03-13T23:00:00.000+00:00",
"title": "CVE-2022-21681"
},
{
"cve": "CVE-2022-22346",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten PostgreSQL, Apache Commons Compress, Operations Center, Celery, Golang Go, Python, Db2, Java SE, Polkit, Node.js, OpenSSH und Flask. Ein entfernter anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen \u0027Denial of Service\u0027-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen \u0027Cross-Site-Scripting\u0027-Angriff durchzuf\u00fchren, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T040030",
"T013661",
"T026421",
"T026420"
]
},
"release_date": "2022-03-13T23:00:00.000+00:00",
"title": "CVE-2022-22346"
},
{
"cve": "CVE-2022-22348",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten PostgreSQL, Apache Commons Compress, Operations Center, Celery, Golang Go, Python, Db2, Java SE, Polkit, Node.js, OpenSSH und Flask. Ein entfernter anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen \u0027Denial of Service\u0027-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen \u0027Cross-Site-Scripting\u0027-Angriff durchzuf\u00fchren, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T040030",
"T013661",
"T026421",
"T026420"
]
},
"release_date": "2022-03-13T23:00:00.000+00:00",
"title": "CVE-2022-22348"
},
{
"cve": "CVE-2022-22354",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten PostgreSQL, Apache Commons Compress, Operations Center, Celery, Golang Go, Python, Db2, Java SE, Polkit, Node.js, OpenSSH und Flask. Ein entfernter anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen \u0027Denial of Service\u0027-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen \u0027Cross-Site-Scripting\u0027-Angriff durchzuf\u00fchren, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T040030",
"T013661",
"T026421",
"T026420"
]
},
"release_date": "2022-03-13T23:00:00.000+00:00",
"title": "CVE-2022-22354"
},
{
"cve": "CVE-2022-23772",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten PostgreSQL, Apache Commons Compress, Operations Center, Celery, Golang Go, Python, Db2, Java SE, Polkit, Node.js, OpenSSH und Flask. Ein entfernter anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen \u0027Denial of Service\u0027-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen \u0027Cross-Site-Scripting\u0027-Angriff durchzuf\u00fchren, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T040030",
"T013661",
"T026421",
"T026420"
]
},
"release_date": "2022-03-13T23:00:00.000+00:00",
"title": "CVE-2022-23772"
},
{
"cve": "CVE-2022-23773",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten PostgreSQL, Apache Commons Compress, Operations Center, Celery, Golang Go, Python, Db2, Java SE, Polkit, Node.js, OpenSSH und Flask. Ein entfernter anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen \u0027Denial of Service\u0027-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen \u0027Cross-Site-Scripting\u0027-Angriff durchzuf\u00fchren, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T040030",
"T013661",
"T026421",
"T026420"
]
},
"release_date": "2022-03-13T23:00:00.000+00:00",
"title": "CVE-2022-23773"
},
{
"cve": "CVE-2022-23806",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten PostgreSQL, Apache Commons Compress, Operations Center, Celery, Golang Go, Python, Db2, Java SE, Polkit, Node.js, OpenSSH und Flask. Ein entfernter anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen \u0027Denial of Service\u0027-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen \u0027Cross-Site-Scripting\u0027-Angriff durchzuf\u00fchren, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T040030",
"T013661",
"T026421",
"T026420"
]
},
"release_date": "2022-03-13T23:00:00.000+00:00",
"title": "CVE-2022-23806"
}
]
}
WID-SEC-W-2022-0534
Vulnerability from csaf_certbund - Published: 2021-09-26 22:00 - Updated: 2025-06-10 22:00Summary
OpenSSH: Schwachstelle ermöglicht Privilegieneskalation
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
OpenSSH ist eine Open Source Implementierung des Secure Shell Protokolls.
Angriff
Ein lokaler Angreifer kann eine Schwachstelle in OpenSSH ausnutzen, um seine Privilegien zu erhöhen.
Betroffene Betriebssysteme
- Linux
- Sonstiges
- UNIX
- Windows
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "OpenSSH ist eine Open Source Implementierung des Secure Shell Protokolls.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein lokaler Angreifer kann eine Schwachstelle in OpenSSH ausnutzen, um seine Privilegien zu erh\u00f6hen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2022-0534 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2021/wid-sec-w-2022-0534.json"
},
{
"category": "self",
"summary": "WID-SEC-2022-0534 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0534"
},
{
"category": "external",
"summary": "NIST Database vom 2021-09-26",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41617"
},
{
"category": "external",
"summary": "OpenSSH Security Advisory vom 2021-09-26",
"url": "https://www.openssh.com/security.html"
},
{
"category": "external",
"summary": "NetApp Security Advisory NTAP-20211014-0004 vom 2021-10-14",
"url": "https://security.netapp.com/advisory/ntap-20211014-0004/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:4782 vom 2021-11-23",
"url": "https://access.redhat.com/errata/RHSA-2021:4782"
},
{
"category": "external",
"summary": "Palo Alto Networks Security Advisory PAN-181517 vom 2021-11-30",
"url": "https://security.paloaltonetworks.com/CVE-2021-41617"
},
{
"category": "external",
"summary": "CentOS Security Advisory CESA-2021:4782 vom 2021-12-01",
"url": "https://lists.centos.org/pipermail/centos-announce/2021-December/048411.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:14847-1 vom 2021-12-01",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-December/009807.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:3875-1 vom 2021-12-02",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-December/009814.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:3887-1 vom 2021-12-03",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-December/009823.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:3947-1 vom 2021-12-06",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-December/009854.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:3951-1 vom 2021-12-06",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-December/009848.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:3950-1 vom 2021-12-06",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-December/009857.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:14870-1 vom 2021-12-23",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-December/009937.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2022-1748 vom 2022-02-10",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2022-1748.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2022-1565 vom 2022-02-19",
"url": "https://alas.aws.amazon.com/ALAS-2022-1565.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2022:0805-1 vom 2022-03-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010415.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:2013 vom 2022-05-10",
"url": "https://access.redhat.com/errata/RHSA-2022:2013"
},
{
"category": "external",
"summary": "AVAYA Security Advisory ASA-2022-056 vom 2022-05-11",
"url": "https://downloads.avaya.com/css/P8/documents/101081749"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-2013 vom 2022-05-17",
"url": "https://linux.oracle.com/errata/ELSA-2022-2013.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:4692 vom 2022-05-19",
"url": "https://access.redhat.com/errata/RHSA-2022:4692"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:4690 vom 2022-05-19",
"url": "https://access.redhat.com/errata/RHSA-2022:4690"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:4691 vom 2022-05-19",
"url": "https://access.redhat.com/errata/RHSA-2022:4691"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:4671 vom 2022-05-20",
"url": "https://access.redhat.com/errata/RHSA-2022:4671"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:5483 vom 2022-07-01",
"url": "https://access.redhat.com/errata/RHSA-2022:5483"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-5666-1 vom 2022-10-10",
"url": "https://ubuntu.com/security/notices/USN-5666-1"
},
{
"category": "external",
"summary": "Security Event Manager Release Notes vom 2023-04-18",
"url": "https://documentation.solarwinds.com/en/Success_Center/SEM/content/release_notes/sem_2023-2_release_notes.htm"
},
{
"category": "external",
"summary": "HPE Securi+y Bulletin",
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=emr_na-hpesbst04494en_us"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-5586 vom 2023-12-22",
"url": "https://lists.debian.org/debian-security-announce/2023/msg00283.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6565-1 vom 2024-01-03",
"url": "https://ubuntu.com/security/notices/USN-6565-1"
},
{
"category": "external",
"summary": "SEM 2024.2 release notes vom 2024-04-17",
"url": "https://documentation.solarwinds.com/en/success_center/sem/content/release_notes/sem_2024-2_release_notes.htm"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2024-198 vom 2024-05-08",
"url": "https://www.dell.com/support/kbdoc/000224827/dsa-2024-="
},
{
"category": "external",
"summary": "QNAP Security Advisory QSA-24-37 vom 2024-11-22",
"url": "https://www.qnap.com/de-de/security-advisory/QSA-24-37"
},
{
"category": "external",
"summary": "Siemens Security Advisory SSA-082556 vom 2025-06-10",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-082556.html"
}
],
"source_lang": "en-US",
"title": "OpenSSH: Schwachstelle erm\u00f6glicht Privilegieneskalation",
"tracking": {
"current_release_date": "2025-06-10T22:00:00.000+00:00",
"generator": {
"date": "2025-06-11T06:22:50.364+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.12"
}
},
"id": "WID-SEC-W-2022-0534",
"initial_release_date": "2021-09-26T22:00:00.000+00:00",
"revision_history": [
{
"date": "2021-09-26T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2021-09-27T22:00:00.000+00:00",
"number": "2",
"summary": "Korrektur"
},
{
"date": "2021-09-29T22:00:00.000+00:00",
"number": "3",
"summary": "Referenz(en) aufgenommen: FEDORA-2021-FA0E94198F"
},
{
"date": "2021-10-13T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von NetApp aufgenommen"
},
{
"date": "2021-11-23T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2021-11-30T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Palo Alto Networks aufgenommen"
},
{
"date": "2021-12-01T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von CentOS und SUSE aufgenommen"
},
{
"date": "2021-12-02T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2021-12-05T23:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2021-12-06T23:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2021-12-23T23:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2022-02-10T23:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2022-02-20T23:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2022-03-10T23:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2022-05-10T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-05-11T22:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von AVAYA aufgenommen"
},
{
"date": "2022-05-17T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2022-05-18T22:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-05-19T22:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-07-03T22:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-10-10T22:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2023-04-18T22:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2023-08-13T22:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates von HP aufgenommen"
},
{
"date": "2023-12-26T23:00:00.000+00:00",
"number": "24",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2024-01-03T23:00:00.000+00:00",
"number": "25",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-04-16T22:00:00.000+00:00",
"number": "26",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2024-05-07T22:00:00.000+00:00",
"number": "27",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2024-11-24T23:00:00.000+00:00",
"number": "28",
"summary": "Neue Updates von QNAP aufgenommen"
},
{
"date": "2025-06-10T22:00:00.000+00:00",
"number": "29",
"summary": "Neue Updates von Siemens aufgenommen"
}
],
"status": "final",
"version": "29"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Avaya Aura Application Enablement Services",
"product": {
"name": "Avaya Aura Application Enablement Services",
"product_id": "T015516",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:aura_application_enablement_services:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Aura Communication Manager",
"product": {
"name": "Avaya Aura Communication Manager",
"product_id": "T015126",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:communication_manager:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Aura Experience Portal",
"product": {
"name": "Avaya Aura Experience Portal",
"product_id": "T015519",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:aura_experience_portal:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Aura Session Manager",
"product": {
"name": "Avaya Aura Session Manager",
"product_id": "T015127",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:session_manager:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Aura System Manager",
"product": {
"name": "Avaya Aura System Manager",
"product_id": "T015518",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:aura_system_manager:-"
}
}
}
],
"category": "vendor",
"name": "Avaya"
},
{
"branches": [
{
"category": "product_name",
"name": "Broadcom Brocade Switch",
"product": {
"name": "Broadcom Brocade Switch",
"product_id": "T015844",
"product_identification_helper": {
"cpe": "cpe:/h:brocade:switch:-"
}
}
}
],
"category": "vendor",
"name": "Broadcom"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "virtual",
"product": {
"name": "Dell NetWorker virtual",
"product_id": "T034583",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:virtual"
}
}
}
],
"category": "product_name",
"name": "NetWorker"
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"category": "product_name",
"name": "EMC Avamar",
"product": {
"name": "EMC Avamar",
"product_id": "T014381",
"product_identification_helper": {
"cpe": "cpe:/a:emc:avamar:-"
}
}
}
],
"category": "vendor",
"name": "EMC"
},
{
"branches": [
{
"category": "product_name",
"name": "HPE Switch",
"product": {
"name": "HPE Switch",
"product_id": "T005119",
"product_identification_helper": {
"cpe": "cpe:/h:hp:switch:-"
}
}
}
],
"category": "vendor",
"name": "HPE"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c8.8",
"product": {
"name": "NetApp FAS \u003c8.8",
"product_id": "T011540"
}
},
{
"category": "product_version",
"name": "8.8",
"product": {
"name": "NetApp FAS 8.8",
"product_id": "T011540-fixed",
"product_identification_helper": {
"cpe": "cpe:/h:netapp:fas:-"
}
}
}
],
"category": "product_name",
"name": "FAS"
}
],
"category": "vendor",
"name": "NetApp"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source CentOS",
"product": {
"name": "Open Source CentOS",
"product_id": "1727",
"product_identification_helper": {
"cpe": "cpe:/o:centos:centos:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c8.8",
"product": {
"name": "Open Source OpenSSH \u003c8.8",
"product_id": "T020499"
}
},
{
"category": "product_version",
"name": "8.8",
"product": {
"name": "Open Source OpenSSH 8.8",
"product_id": "T020499-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:openbsd:openssh:8.8"
}
}
}
],
"category": "product_name",
"name": "OpenSSH"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "QNAP NAS",
"product": {
"name": "QNAP NAS",
"product_id": "T017100",
"product_identification_helper": {
"cpe": "cpe:/h:qnap:nas:-"
}
}
}
],
"category": "vendor",
"name": "QNAP"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "1500 CPU",
"product": {
"name": "Siemens SIMATIC S7 1500 CPU",
"product_id": "T025776",
"product_identification_helper": {
"cpe": "cpe:/h:siemens:simatic_s7:1500_cpu"
}
}
}
],
"category": "product_name",
"name": "SIMATIC S7"
}
],
"category": "vendor",
"name": "Siemens"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c2023.2",
"product": {
"name": "SolarWinds Security Event Manager \u003c2023.2",
"product_id": "T027433"
}
},
{
"category": "product_version",
"name": "2023.2",
"product": {
"name": "SolarWinds Security Event Manager 2023.2",
"product_id": "T027433-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:solarwinds:security_event_manager:2023.2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c2024.2",
"product": {
"name": "SolarWinds Security Event Manager \u003c2024.2",
"product_id": "T034244"
}
},
{
"category": "product_version",
"name": "2024.2",
"product": {
"name": "SolarWinds Security Event Manager 2024.2",
"product_id": "T034244-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:solarwinds:security_event_manager:2024.2"
}
}
}
],
"category": "product_name",
"name": "Security Event Manager"
}
],
"category": "vendor",
"name": "SolarWinds"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-41617",
"product_status": {
"known_affected": [
"T015519",
"T015518",
"67646",
"T015516",
"T015844",
"T034583",
"T011540",
"T005119",
"T015127",
"T015126",
"T004914",
"T034244",
"T017100",
"T020499",
"T014381",
"2951",
"T002207",
"T000126",
"398363",
"T025776",
"1727",
"T027433"
]
},
"release_date": "2021-09-26T22:00:00.000+00:00",
"title": "CVE-2021-41617"
}
]
}
WID-SEC-W-2024-1082
Vulnerability from csaf_certbund - Published: 2024-05-09 22:00 - Updated: 2024-05-09 22:00Summary
Juniper JUNOS: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
JUNOS ist das "Juniper Network Operating System", das in Juniper Appliances verwendet wird.
Angriff
Ein Angreifer kann mehrere Schwachstellen in Juniper JUNOS im Zusammenhang mit OpenSSH ausnutzen, um Sicherheitsmaßnahmen zu umgehen, beliebigen Code auszuführen oder Dateien zu manipulieren.
Betroffene Betriebssysteme
- Juniper Appliance
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "JUNOS ist das \"Juniper Network Operating System\", das in Juniper Appliances verwendet wird.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Juniper JUNOS im Zusammenhang mit OpenSSH ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Juniper Appliance",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-1082 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1082.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-1082 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1082"
},
{
"category": "external",
"summary": "Juniper Security Advisory vom 2024-05-09",
"url": "https://supportportal.juniper.net/s/article/2024-05-Reference-Advisory-Junos-OS-and-Junos-OS-Evolved-Multiple-CVEs-reported-in-OpenSSH"
}
],
"source_lang": "en-US",
"title": "Juniper JUNOS: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-05-09T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T18:08:45.014+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2024-1082",
"initial_release_date": "2024-05-09T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-05-09T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e=19.4R1",
"product": {
"name": "Juniper JUNOS \u003e=19.4R1",
"product_id": "T034677"
}
},
{
"category": "product_version_range",
"name": "Evolved \u003e=22.3R1",
"product": {
"name": "Juniper JUNOS Evolved \u003e=22.3R1",
"product_id": "T034678"
}
}
],
"category": "product_name",
"name": "JUNOS"
}
],
"category": "vendor",
"name": "Juniper"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-20012",
"notes": [
{
"category": "description",
"text": "In Juniper JUNOS bestehen mehrere Schwachstellen in Bezug auf OpenSSH. Diese Fehler bestehen aufgrund verschiedener sicherheitsrelevanter Probleme wie einer fehlenden Zeichenkodierung, einem nicht ausreichend vertrauensw\u00fcrdigen Suchpfad oder einer unzul\u00e4ssigen Verhinderung von Schreiboperationen und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren."
}
],
"release_date": "2024-05-09T22:00:00.000+00:00",
"title": "CVE-2016-20012"
},
{
"cve": "CVE-2017-15906",
"notes": [
{
"category": "description",
"text": "In Juniper JUNOS bestehen mehrere Schwachstellen in Bezug auf OpenSSH. Diese Fehler bestehen aufgrund verschiedener sicherheitsrelevanter Probleme wie einer fehlenden Zeichenkodierung, einem nicht ausreichend vertrauensw\u00fcrdigen Suchpfad oder einer unzul\u00e4ssigen Verhinderung von Schreiboperationen und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren."
}
],
"release_date": "2024-05-09T22:00:00.000+00:00",
"title": "CVE-2017-15906"
},
{
"cve": "CVE-2018-15473",
"notes": [
{
"category": "description",
"text": "In Juniper JUNOS bestehen mehrere Schwachstellen in Bezug auf OpenSSH. Diese Fehler bestehen aufgrund verschiedener sicherheitsrelevanter Probleme wie einer fehlenden Zeichenkodierung, einem nicht ausreichend vertrauensw\u00fcrdigen Suchpfad oder einer unzul\u00e4ssigen Verhinderung von Schreiboperationen und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren."
}
],
"release_date": "2024-05-09T22:00:00.000+00:00",
"title": "CVE-2018-15473"
},
{
"cve": "CVE-2018-15919",
"notes": [
{
"category": "description",
"text": "In Juniper JUNOS bestehen mehrere Schwachstellen in Bezug auf OpenSSH. Diese Fehler bestehen aufgrund verschiedener sicherheitsrelevanter Probleme wie einer fehlenden Zeichenkodierung, einem nicht ausreichend vertrauensw\u00fcrdigen Suchpfad oder einer unzul\u00e4ssigen Verhinderung von Schreiboperationen und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren."
}
],
"release_date": "2024-05-09T22:00:00.000+00:00",
"title": "CVE-2018-15919"
},
{
"cve": "CVE-2018-20685",
"notes": [
{
"category": "description",
"text": "In Juniper JUNOS bestehen mehrere Schwachstellen in Bezug auf OpenSSH. Diese Fehler bestehen aufgrund verschiedener sicherheitsrelevanter Probleme wie einer fehlenden Zeichenkodierung, einem nicht ausreichend vertrauensw\u00fcrdigen Suchpfad oder einer unzul\u00e4ssigen Verhinderung von Schreiboperationen und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren."
}
],
"release_date": "2024-05-09T22:00:00.000+00:00",
"title": "CVE-2018-20685"
},
{
"cve": "CVE-2019-6109",
"notes": [
{
"category": "description",
"text": "In Juniper JUNOS bestehen mehrere Schwachstellen in Bezug auf OpenSSH. Diese Fehler bestehen aufgrund verschiedener sicherheitsrelevanter Probleme wie einer fehlenden Zeichenkodierung, einem nicht ausreichend vertrauensw\u00fcrdigen Suchpfad oder einer unzul\u00e4ssigen Verhinderung von Schreiboperationen und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren."
}
],
"release_date": "2024-05-09T22:00:00.000+00:00",
"title": "CVE-2019-6109"
},
{
"cve": "CVE-2019-6110",
"notes": [
{
"category": "description",
"text": "In Juniper JUNOS bestehen mehrere Schwachstellen in Bezug auf OpenSSH. Diese Fehler bestehen aufgrund verschiedener sicherheitsrelevanter Probleme wie einer fehlenden Zeichenkodierung, einem nicht ausreichend vertrauensw\u00fcrdigen Suchpfad oder einer unzul\u00e4ssigen Verhinderung von Schreiboperationen und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren."
}
],
"release_date": "2024-05-09T22:00:00.000+00:00",
"title": "CVE-2019-6110"
},
{
"cve": "CVE-2019-6111",
"notes": [
{
"category": "description",
"text": "In Juniper JUNOS bestehen mehrere Schwachstellen in Bezug auf OpenSSH. Diese Fehler bestehen aufgrund verschiedener sicherheitsrelevanter Probleme wie einer fehlenden Zeichenkodierung, einem nicht ausreichend vertrauensw\u00fcrdigen Suchpfad oder einer unzul\u00e4ssigen Verhinderung von Schreiboperationen und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren."
}
],
"release_date": "2024-05-09T22:00:00.000+00:00",
"title": "CVE-2019-6111"
},
{
"cve": "CVE-2020-12062",
"notes": [
{
"category": "description",
"text": "In Juniper JUNOS bestehen mehrere Schwachstellen in Bezug auf OpenSSH. Diese Fehler bestehen aufgrund verschiedener sicherheitsrelevanter Probleme wie einer fehlenden Zeichenkodierung, einem nicht ausreichend vertrauensw\u00fcrdigen Suchpfad oder einer unzul\u00e4ssigen Verhinderung von Schreiboperationen und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren."
}
],
"release_date": "2024-05-09T22:00:00.000+00:00",
"title": "CVE-2020-12062"
},
{
"cve": "CVE-2020-14145",
"notes": [
{
"category": "description",
"text": "In Juniper JUNOS bestehen mehrere Schwachstellen in Bezug auf OpenSSH. Diese Fehler bestehen aufgrund verschiedener sicherheitsrelevanter Probleme wie einer fehlenden Zeichenkodierung, einem nicht ausreichend vertrauensw\u00fcrdigen Suchpfad oder einer unzul\u00e4ssigen Verhinderung von Schreiboperationen und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren."
}
],
"release_date": "2024-05-09T22:00:00.000+00:00",
"title": "CVE-2020-14145"
},
{
"cve": "CVE-2020-15778",
"notes": [
{
"category": "description",
"text": "In Juniper JUNOS bestehen mehrere Schwachstellen in Bezug auf OpenSSH. Diese Fehler bestehen aufgrund verschiedener sicherheitsrelevanter Probleme wie einer fehlenden Zeichenkodierung, einem nicht ausreichend vertrauensw\u00fcrdigen Suchpfad oder einer unzul\u00e4ssigen Verhinderung von Schreiboperationen und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren."
}
],
"release_date": "2024-05-09T22:00:00.000+00:00",
"title": "CVE-2020-15778"
},
{
"cve": "CVE-2021-28041",
"notes": [
{
"category": "description",
"text": "In Juniper JUNOS bestehen mehrere Schwachstellen in Bezug auf OpenSSH. Diese Fehler bestehen aufgrund verschiedener sicherheitsrelevanter Probleme wie einer fehlenden Zeichenkodierung, einem nicht ausreichend vertrauensw\u00fcrdigen Suchpfad oder einer unzul\u00e4ssigen Verhinderung von Schreiboperationen und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren."
}
],
"release_date": "2024-05-09T22:00:00.000+00:00",
"title": "CVE-2021-28041"
},
{
"cve": "CVE-2021-36368",
"notes": [
{
"category": "description",
"text": "In Juniper JUNOS bestehen mehrere Schwachstellen in Bezug auf OpenSSH. Diese Fehler bestehen aufgrund verschiedener sicherheitsrelevanter Probleme wie einer fehlenden Zeichenkodierung, einem nicht ausreichend vertrauensw\u00fcrdigen Suchpfad oder einer unzul\u00e4ssigen Verhinderung von Schreiboperationen und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren."
}
],
"release_date": "2024-05-09T22:00:00.000+00:00",
"title": "CVE-2021-36368"
},
{
"cve": "CVE-2021-41617",
"notes": [
{
"category": "description",
"text": "In Juniper JUNOS bestehen mehrere Schwachstellen in Bezug auf OpenSSH. Diese Fehler bestehen aufgrund verschiedener sicherheitsrelevanter Probleme wie einer fehlenden Zeichenkodierung, einem nicht ausreichend vertrauensw\u00fcrdigen Suchpfad oder einer unzul\u00e4ssigen Verhinderung von Schreiboperationen und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren."
}
],
"release_date": "2024-05-09T22:00:00.000+00:00",
"title": "CVE-2021-41617"
},
{
"cve": "CVE-2023-28531",
"notes": [
{
"category": "description",
"text": "In Juniper JUNOS bestehen mehrere Schwachstellen in Bezug auf OpenSSH. Diese Fehler bestehen aufgrund verschiedener sicherheitsrelevanter Probleme wie einer fehlenden Zeichenkodierung, einem nicht ausreichend vertrauensw\u00fcrdigen Suchpfad oder einer unzul\u00e4ssigen Verhinderung von Schreiboperationen und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren."
}
],
"release_date": "2024-05-09T22:00:00.000+00:00",
"title": "CVE-2023-28531"
},
{
"cve": "CVE-2023-38408",
"notes": [
{
"category": "description",
"text": "In Juniper JUNOS bestehen mehrere Schwachstellen in Bezug auf OpenSSH. Diese Fehler bestehen aufgrund verschiedener sicherheitsrelevanter Probleme wie einer fehlenden Zeichenkodierung, einem nicht ausreichend vertrauensw\u00fcrdigen Suchpfad oder einer unzul\u00e4ssigen Verhinderung von Schreiboperationen und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren."
}
],
"release_date": "2024-05-09T22:00:00.000+00:00",
"title": "CVE-2023-38408"
},
{
"cve": "CVE-2023-48795",
"notes": [
{
"category": "description",
"text": "In Juniper JUNOS bestehen mehrere Schwachstellen in Bezug auf OpenSSH. Diese Fehler bestehen aufgrund verschiedener sicherheitsrelevanter Probleme wie einer fehlenden Zeichenkodierung, einem nicht ausreichend vertrauensw\u00fcrdigen Suchpfad oder einer unzul\u00e4ssigen Verhinderung von Schreiboperationen und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren."
}
],
"release_date": "2024-05-09T22:00:00.000+00:00",
"title": "CVE-2023-48795"
},
{
"cve": "CVE-2023-51384",
"notes": [
{
"category": "description",
"text": "In Juniper JUNOS bestehen mehrere Schwachstellen in Bezug auf OpenSSH. Diese Fehler bestehen aufgrund verschiedener sicherheitsrelevanter Probleme wie einer fehlenden Zeichenkodierung, einem nicht ausreichend vertrauensw\u00fcrdigen Suchpfad oder einer unzul\u00e4ssigen Verhinderung von Schreiboperationen und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren."
}
],
"release_date": "2024-05-09T22:00:00.000+00:00",
"title": "CVE-2023-51384"
},
{
"cve": "CVE-2023-51385",
"notes": [
{
"category": "description",
"text": "In Juniper JUNOS bestehen mehrere Schwachstellen in Bezug auf OpenSSH. Diese Fehler bestehen aufgrund verschiedener sicherheitsrelevanter Probleme wie einer fehlenden Zeichenkodierung, einem nicht ausreichend vertrauensw\u00fcrdigen Suchpfad oder einer unzul\u00e4ssigen Verhinderung von Schreiboperationen und mehr. Ein anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder Dateien zu manipulieren."
}
],
"release_date": "2024-05-09T22:00:00.000+00:00",
"title": "CVE-2023-51385"
}
]
}
WID-SEC-W-2022-0676
Vulnerability from csaf_certbund - Published: 2022-07-13 22:00 - Updated: 2023-01-11 23:00Summary
Juniper Junos Space: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Junos Space ist eine Software-Plattform, die eine Reihe von Applikationen für das Netzwerkmanagement beinhaltet.
Angriff
Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in Juniper Junos Space ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen, Daten zu manipulieren oder zu verändern, seine Privilegien zu erweitern und Sicherheitsmaßnahmen zu umgehen.
Betroffene Betriebssysteme
- Juniper Appliance
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Junos Space ist eine Software-Plattform, die eine Reihe von Applikationen f\u00fcr das Netzwerkmanagement beinhaltet.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in Juniper Junos Space ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, Daten zu manipulieren oder zu ver\u00e4ndern, seine Privilegien zu erweitern und Sicherheitsma\u00dfnahmen zu umgehen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Juniper Appliance",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2022-0676 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-0676.json"
},
{
"category": "self",
"summary": "WID-SEC-2022-0676 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0676"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA70182 vom 2023-01-12",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Contrail-Service-Orchestration-Multiple-vulnerabilities-resolved-in-CSO-6-3-0?language=en_US"
},
{
"category": "external",
"summary": "Juniper Security Advisory vom 2022-07-13",
"url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-Space-Security-Director-Policy-Enforcer-upgraded-to-CentOS-7-9"
},
{
"category": "external",
"summary": "Juniper Security Advisory vom 2022-07-13",
"url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-Space-Multiple-vulnerabilities-resolved-in-22-2R1-release-CVE-2022-22218?language=en_US"
}
],
"source_lang": "en-US",
"title": "Juniper Junos Space: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2023-01-11T23:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:31:42.465+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2022-0676",
"initial_release_date": "2022-07-13T22:00:00.000+00:00",
"revision_history": [
{
"date": "2022-07-13T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2023-01-11T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Juniper aufgenommen"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Juniper Contrail Service Orchestration",
"product": {
"name": "Juniper Contrail Service Orchestration",
"product_id": "T025794",
"product_identification_helper": {
"cpe": "cpe:/a:juniper:contrail_service_orchestration:-"
}
}
},
{
"category": "product_name",
"name": "Juniper Junos Space \u003c 22.1R1",
"product": {
"name": "Juniper Junos Space \u003c 22.1R1",
"product_id": "T023842",
"product_identification_helper": {
"cpe": "cpe:/a:juniper:junos_space:22.1r1"
}
}
}
],
"category": "vendor",
"name": "Juniper"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-2124",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten nginx resolver, Java SE, Oracle GraalVM, OpenSSH, Unicode, Samba, RPM, Kerberos, OpenSSL, Linux Kernel, curl und MySQL. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, Daten zu manipulieren oder zu ver\u00e4ndern, seine Privilegien zu erweitern und Sicherheitsma\u00dfnahmen zu umgehen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Privilegien."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-07-13T22:00:00.000+00:00",
"title": "CVE-2016-2124"
},
{
"cve": "CVE-2020-25704",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten nginx resolver, Java SE, Oracle GraalVM, OpenSSH, Unicode, Samba, RPM, Kerberos, OpenSSL, Linux Kernel, curl und MySQL. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, Daten zu manipulieren oder zu ver\u00e4ndern, seine Privilegien zu erweitern und Sicherheitsma\u00dfnahmen zu umgehen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Privilegien."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-07-13T22:00:00.000+00:00",
"title": "CVE-2020-25704"
},
{
"cve": "CVE-2020-25717",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten nginx resolver, Java SE, Oracle GraalVM, OpenSSH, Unicode, Samba, RPM, Kerberos, OpenSSL, Linux Kernel, curl und MySQL. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, Daten zu manipulieren oder zu ver\u00e4ndern, seine Privilegien zu erweitern und Sicherheitsma\u00dfnahmen zu umgehen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Privilegien."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-07-13T22:00:00.000+00:00",
"title": "CVE-2020-25717"
},
{
"cve": "CVE-2020-36322",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten nginx resolver, Java SE, Oracle GraalVM, OpenSSH, Unicode, Samba, RPM, Kerberos, OpenSSL, Linux Kernel, curl und MySQL. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, Daten zu manipulieren oder zu ver\u00e4ndern, seine Privilegien zu erweitern und Sicherheitsma\u00dfnahmen zu umgehen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Privilegien."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-07-13T22:00:00.000+00:00",
"title": "CVE-2020-36322"
},
{
"cve": "CVE-2020-36385",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten nginx resolver, Java SE, Oracle GraalVM, OpenSSH, Unicode, Samba, RPM, Kerberos, OpenSSL, Linux Kernel, curl und MySQL. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, Daten zu manipulieren oder zu ver\u00e4ndern, seine Privilegien zu erweitern und Sicherheitsma\u00dfnahmen zu umgehen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Privilegien."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-07-13T22:00:00.000+00:00",
"title": "CVE-2020-36385"
},
{
"cve": "CVE-2021-20271",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten nginx resolver, Java SE, Oracle GraalVM, OpenSSH, Unicode, Samba, RPM, Kerberos, OpenSSL, Linux Kernel, curl und MySQL. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, Daten zu manipulieren oder zu ver\u00e4ndern, seine Privilegien zu erweitern und Sicherheitsma\u00dfnahmen zu umgehen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Privilegien."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-07-13T22:00:00.000+00:00",
"title": "CVE-2021-20271"
},
{
"cve": "CVE-2021-22946",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten nginx resolver, Java SE, Oracle GraalVM, OpenSSH, Unicode, Samba, RPM, Kerberos, OpenSSL, Linux Kernel, curl und MySQL. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, Daten zu manipulieren oder zu ver\u00e4ndern, seine Privilegien zu erweitern und Sicherheitsma\u00dfnahmen zu umgehen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Privilegien."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-07-13T22:00:00.000+00:00",
"title": "CVE-2021-22946"
},
{
"cve": "CVE-2021-23017",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten nginx resolver, Java SE, Oracle GraalVM, OpenSSH, Unicode, Samba, RPM, Kerberos, OpenSSL, Linux Kernel, curl und MySQL. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, Daten zu manipulieren oder zu ver\u00e4ndern, seine Privilegien zu erweitern und Sicherheitsma\u00dfnahmen zu umgehen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Privilegien."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-07-13T22:00:00.000+00:00",
"title": "CVE-2021-23017"
},
{
"cve": "CVE-2021-23840",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten nginx resolver, Java SE, Oracle GraalVM, OpenSSH, Unicode, Samba, RPM, Kerberos, OpenSSL, Linux Kernel, curl und MySQL. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, Daten zu manipulieren oder zu ver\u00e4ndern, seine Privilegien zu erweitern und Sicherheitsma\u00dfnahmen zu umgehen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Privilegien."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-07-13T22:00:00.000+00:00",
"title": "CVE-2021-23840"
},
{
"cve": "CVE-2021-23841",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten nginx resolver, Java SE, Oracle GraalVM, OpenSSH, Unicode, Samba, RPM, Kerberos, OpenSSL, Linux Kernel, curl und MySQL. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, Daten zu manipulieren oder zu ver\u00e4ndern, seine Privilegien zu erweitern und Sicherheitsma\u00dfnahmen zu umgehen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Privilegien."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-07-13T22:00:00.000+00:00",
"title": "CVE-2021-23841"
},
{
"cve": "CVE-2021-28950",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten nginx resolver, Java SE, Oracle GraalVM, OpenSSH, Unicode, Samba, RPM, Kerberos, OpenSSL, Linux Kernel, curl und MySQL. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, Daten zu manipulieren oder zu ver\u00e4ndern, seine Privilegien zu erweitern und Sicherheitsma\u00dfnahmen zu umgehen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Privilegien."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-07-13T22:00:00.000+00:00",
"title": "CVE-2021-28950"
},
{
"cve": "CVE-2021-35550",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten nginx resolver, Java SE, Oracle GraalVM, OpenSSH, Unicode, Samba, RPM, Kerberos, OpenSSL, Linux Kernel, curl und MySQL. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, Daten zu manipulieren oder zu ver\u00e4ndern, seine Privilegien zu erweitern und Sicherheitsma\u00dfnahmen zu umgehen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Privilegien."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-07-13T22:00:00.000+00:00",
"title": "CVE-2021-35550"
},
{
"cve": "CVE-2021-35556",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten nginx resolver, Java SE, Oracle GraalVM, OpenSSH, Unicode, Samba, RPM, Kerberos, OpenSSL, Linux Kernel, curl und MySQL. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, Daten zu manipulieren oder zu ver\u00e4ndern, seine Privilegien zu erweitern und Sicherheitsma\u00dfnahmen zu umgehen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Privilegien."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-07-13T22:00:00.000+00:00",
"title": "CVE-2021-35556"
},
{
"cve": "CVE-2021-35559",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten nginx resolver, Java SE, Oracle GraalVM, OpenSSH, Unicode, Samba, RPM, Kerberos, OpenSSL, Linux Kernel, curl und MySQL. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, Daten zu manipulieren oder zu ver\u00e4ndern, seine Privilegien zu erweitern und Sicherheitsma\u00dfnahmen zu umgehen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Privilegien."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-07-13T22:00:00.000+00:00",
"title": "CVE-2021-35559"
},
{
"cve": "CVE-2021-35561",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten nginx resolver, Java SE, Oracle GraalVM, OpenSSH, Unicode, Samba, RPM, Kerberos, OpenSSL, Linux Kernel, curl und MySQL. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, Daten zu manipulieren oder zu ver\u00e4ndern, seine Privilegien zu erweitern und Sicherheitsma\u00dfnahmen zu umgehen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Privilegien."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-07-13T22:00:00.000+00:00",
"title": "CVE-2021-35561"
},
{
"cve": "CVE-2021-35564",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten nginx resolver, Java SE, Oracle GraalVM, OpenSSH, Unicode, Samba, RPM, Kerberos, OpenSSL, Linux Kernel, curl und MySQL. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, Daten zu manipulieren oder zu ver\u00e4ndern, seine Privilegien zu erweitern und Sicherheitsma\u00dfnahmen zu umgehen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Privilegien."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-07-13T22:00:00.000+00:00",
"title": "CVE-2021-35564"
},
{
"cve": "CVE-2021-35565",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten nginx resolver, Java SE, Oracle GraalVM, OpenSSH, Unicode, Samba, RPM, Kerberos, OpenSSL, Linux Kernel, curl und MySQL. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, Daten zu manipulieren oder zu ver\u00e4ndern, seine Privilegien zu erweitern und Sicherheitsma\u00dfnahmen zu umgehen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Privilegien."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-07-13T22:00:00.000+00:00",
"title": "CVE-2021-35565"
},
{
"cve": "CVE-2021-35567",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten nginx resolver, Java SE, Oracle GraalVM, OpenSSH, Unicode, Samba, RPM, Kerberos, OpenSSL, Linux Kernel, curl und MySQL. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, Daten zu manipulieren oder zu ver\u00e4ndern, seine Privilegien zu erweitern und Sicherheitsma\u00dfnahmen zu umgehen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Privilegien."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-07-13T22:00:00.000+00:00",
"title": "CVE-2021-35567"
},
{
"cve": "CVE-2021-35578",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten nginx resolver, Java SE, Oracle GraalVM, OpenSSH, Unicode, Samba, RPM, Kerberos, OpenSSL, Linux Kernel, curl und MySQL. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, Daten zu manipulieren oder zu ver\u00e4ndern, seine Privilegien zu erweitern und Sicherheitsma\u00dfnahmen zu umgehen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Privilegien."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-07-13T22:00:00.000+00:00",
"title": "CVE-2021-35578"
},
{
"cve": "CVE-2021-35586",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten nginx resolver, Java SE, Oracle GraalVM, OpenSSH, Unicode, Samba, RPM, Kerberos, OpenSSL, Linux Kernel, curl und MySQL. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, Daten zu manipulieren oder zu ver\u00e4ndern, seine Privilegien zu erweitern und Sicherheitsma\u00dfnahmen zu umgehen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Privilegien."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-07-13T22:00:00.000+00:00",
"title": "CVE-2021-35586"
},
{
"cve": "CVE-2021-35588",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten nginx resolver, Java SE, Oracle GraalVM, OpenSSH, Unicode, Samba, RPM, Kerberos, OpenSSL, Linux Kernel, curl und MySQL. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, Daten zu manipulieren oder zu ver\u00e4ndern, seine Privilegien zu erweitern und Sicherheitsma\u00dfnahmen zu umgehen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Privilegien."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-07-13T22:00:00.000+00:00",
"title": "CVE-2021-35588"
},
{
"cve": "CVE-2021-35603",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten nginx resolver, Java SE, Oracle GraalVM, OpenSSH, Unicode, Samba, RPM, Kerberos, OpenSSL, Linux Kernel, curl und MySQL. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, Daten zu manipulieren oder zu ver\u00e4ndern, seine Privilegien zu erweitern und Sicherheitsma\u00dfnahmen zu umgehen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Privilegien."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-07-13T22:00:00.000+00:00",
"title": "CVE-2021-35603"
},
{
"cve": "CVE-2021-37750",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten nginx resolver, Java SE, Oracle GraalVM, OpenSSH, Unicode, Samba, RPM, Kerberos, OpenSSL, Linux Kernel, curl und MySQL. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, Daten zu manipulieren oder zu ver\u00e4ndern, seine Privilegien zu erweitern und Sicherheitsma\u00dfnahmen zu umgehen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Privilegien."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-07-13T22:00:00.000+00:00",
"title": "CVE-2021-37750"
},
{
"cve": "CVE-2021-41617",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten nginx resolver, Java SE, Oracle GraalVM, OpenSSH, Unicode, Samba, RPM, Kerberos, OpenSSL, Linux Kernel, curl und MySQL. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, Daten zu manipulieren oder zu ver\u00e4ndern, seine Privilegien zu erweitern und Sicherheitsma\u00dfnahmen zu umgehen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Privilegien."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-07-13T22:00:00.000+00:00",
"title": "CVE-2021-41617"
},
{
"cve": "CVE-2021-42574",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten nginx resolver, Java SE, Oracle GraalVM, OpenSSH, Unicode, Samba, RPM, Kerberos, OpenSSL, Linux Kernel, curl und MySQL. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, Daten zu manipulieren oder zu ver\u00e4ndern, seine Privilegien zu erweitern und Sicherheitsma\u00dfnahmen zu umgehen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Privilegien."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-07-13T22:00:00.000+00:00",
"title": "CVE-2021-42574"
},
{
"cve": "CVE-2021-42739",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten nginx resolver, Java SE, Oracle GraalVM, OpenSSH, Unicode, Samba, RPM, Kerberos, OpenSSL, Linux Kernel, curl und MySQL. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, Daten zu manipulieren oder zu ver\u00e4ndern, seine Privilegien zu erweitern und Sicherheitsma\u00dfnahmen zu umgehen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Privilegien."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-07-13T22:00:00.000+00:00",
"title": "CVE-2021-42739"
},
{
"cve": "CVE-2022-21245",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten nginx resolver, Java SE, Oracle GraalVM, OpenSSH, Unicode, Samba, RPM, Kerberos, OpenSSL, Linux Kernel, curl und MySQL. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, Daten zu manipulieren oder zu ver\u00e4ndern, seine Privilegien zu erweitern und Sicherheitsma\u00dfnahmen zu umgehen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Privilegien."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-07-13T22:00:00.000+00:00",
"title": "CVE-2022-21245"
},
{
"cve": "CVE-2022-21270",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten nginx resolver, Java SE, Oracle GraalVM, OpenSSH, Unicode, Samba, RPM, Kerberos, OpenSSL, Linux Kernel, curl und MySQL. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, Daten zu manipulieren oder zu ver\u00e4ndern, seine Privilegien zu erweitern und Sicherheitsma\u00dfnahmen zu umgehen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Privilegien."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-07-13T22:00:00.000+00:00",
"title": "CVE-2022-21270"
},
{
"cve": "CVE-2022-21303",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten nginx resolver, Java SE, Oracle GraalVM, OpenSSH, Unicode, Samba, RPM, Kerberos, OpenSSL, Linux Kernel, curl und MySQL. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, Daten zu manipulieren oder zu ver\u00e4ndern, seine Privilegien zu erweitern und Sicherheitsma\u00dfnahmen zu umgehen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Privilegien."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-07-13T22:00:00.000+00:00",
"title": "CVE-2022-21303"
},
{
"cve": "CVE-2022-21304",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten nginx resolver, Java SE, Oracle GraalVM, OpenSSH, Unicode, Samba, RPM, Kerberos, OpenSSL, Linux Kernel, curl und MySQL. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, Daten zu manipulieren oder zu ver\u00e4ndern, seine Privilegien zu erweitern und Sicherheitsma\u00dfnahmen zu umgehen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Privilegien."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-07-13T22:00:00.000+00:00",
"title": "CVE-2022-21304"
},
{
"cve": "CVE-2022-21344",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten nginx resolver, Java SE, Oracle GraalVM, OpenSSH, Unicode, Samba, RPM, Kerberos, OpenSSL, Linux Kernel, curl und MySQL. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, Daten zu manipulieren oder zu ver\u00e4ndern, seine Privilegien zu erweitern und Sicherheitsma\u00dfnahmen zu umgehen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Privilegien."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-07-13T22:00:00.000+00:00",
"title": "CVE-2022-21344"
},
{
"cve": "CVE-2022-21367",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten nginx resolver, Java SE, Oracle GraalVM, OpenSSH, Unicode, Samba, RPM, Kerberos, OpenSSL, Linux Kernel, curl und MySQL. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, Daten zu manipulieren oder zu ver\u00e4ndern, seine Privilegien zu erweitern und Sicherheitsma\u00dfnahmen zu umgehen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Privilegien."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-07-13T22:00:00.000+00:00",
"title": "CVE-2022-21367"
},
{
"cve": "CVE-2022-22218",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten nginx resolver, Java SE, Oracle GraalVM, OpenSSH, Unicode, Samba, RPM, Kerberos, OpenSSL, Linux Kernel, curl und MySQL. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, Daten zu manipulieren oder zu ver\u00e4ndern, seine Privilegien zu erweitern und Sicherheitsma\u00dfnahmen zu umgehen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Privilegien."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-07-13T22:00:00.000+00:00",
"title": "CVE-2022-22218"
}
]
}
WID-SEC-W-2023-1969
Vulnerability from csaf_certbund - Published: 2023-08-06 22:00 - Updated: 2023-08-06 22:00Summary
HPE Fabric OS: Mehrere Schwachstellen ermöglichen Privilegieneskalation
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Fabric OS (FOS) ist ein Betriebssystem für FibreChannel Switches.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in HPE Fabric OS für HPE Fibre Channel und SAN Switches ausnutzen, um seine Privilegien zu erhöhen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Betroffene Betriebssysteme
- BIOS/Firmware
- Hardware Appliance
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Fabric OS (FOS) ist ein Betriebssystem f\u00fcr FibreChannel Switches.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches ausnutzen, um seine Privilegien zu erh\u00f6hen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- BIOS/Firmware\n- Hardware Appliance",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-1969 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1969.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-1969 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1969"
},
{
"category": "external",
"summary": "HPE Security Bulletin HPESBST04494 vom 2023-08-04",
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=emr_na-hpesbst04494en_us"
}
],
"source_lang": "en-US",
"title": "HPE Fabric OS: Mehrere Schwachstellen erm\u00f6glichen Privilegieneskalation",
"tracking": {
"current_release_date": "2023-08-06T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:56:35.841+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2023-1969",
"initial_release_date": "2023-08-06T22:00:00.000+00:00",
"revision_history": [
{
"date": "2023-08-06T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "HPE Fabric OS \u003c 9.1.1",
"product": {
"name": "HPE Fabric OS \u003c 9.1.1",
"product_id": "T024587",
"product_identification_helper": {
"cpe": "cpe:/o:hpe:fabric_os:9.1.1"
}
}
},
{
"category": "product_name",
"name": "HPE Fabric OS \u003c v8.2.3c",
"product": {
"name": "HPE Fabric OS \u003c v8.2.3c",
"product_id": "T024589",
"product_identification_helper": {
"cpe": "cpe:/o:hpe:fabric_os:v8.2.3c"
}
}
},
{
"category": "product_name",
"name": "HPE Fabric OS \u003c 7.4.2j",
"product": {
"name": "HPE Fabric OS \u003c 7.4.2j",
"product_id": "T029096",
"product_identification_helper": {
"cpe": "cpe:/o:hpe:fabric_os:7.4.2j"
}
}
},
{
"category": "product_name",
"name": "HPE Fabric OS \u003c v8.2.3d",
"product": {
"name": "HPE Fabric OS \u003c v8.2.3d",
"product_id": "T029097",
"product_identification_helper": {
"cpe": "cpe:/o:hpe:fabric_os:v8.2.3d"
}
}
},
{
"category": "product_name",
"name": "HPE Fabric OS \u003c 9.0.1e",
"product": {
"name": "HPE Fabric OS \u003c 9.0.1e",
"product_id": "T029098",
"product_identification_helper": {
"cpe": "cpe:/o:hpe:fabric_os:9.0.1e"
}
}
},
{
"category": "product_name",
"name": "HPE Fabric OS \u003c 9.1.1c",
"product": {
"name": "HPE Fabric OS \u003c 9.1.1c",
"product_id": "T029101",
"product_identification_helper": {
"cpe": "cpe:/o:hpe:fabric_os:9.1.1c"
}
}
}
],
"category": "product_name",
"name": "Fabric OS"
},
{
"branches": [
{
"category": "product_name",
"name": "HPE Switch SAN",
"product": {
"name": "HPE Switch SAN",
"product_id": "T029100",
"product_identification_helper": {
"cpe": "cpe:/h:hp:switch:san_switch"
}
}
},
{
"category": "product_name",
"name": "HPE Switch Fibre Channel",
"product": {
"name": "HPE Switch Fibre Channel",
"product_id": "T029104",
"product_identification_helper": {
"cpe": "cpe:/h:hp:switch:fibre_channel"
}
}
}
],
"category": "product_name",
"name": "Switch"
}
],
"category": "vendor",
"name": "HPE"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-31928",
"notes": [
{
"category": "description",
"text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T029100",
"T029104"
]
},
"release_date": "2023-08-06T22:00:00.000+00:00",
"title": "CVE-2023-31928"
},
{
"cve": "CVE-2023-31927",
"notes": [
{
"category": "description",
"text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T029100",
"T029104"
]
},
"release_date": "2023-08-06T22:00:00.000+00:00",
"title": "CVE-2023-31927"
},
{
"cve": "CVE-2023-31926",
"notes": [
{
"category": "description",
"text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T029100",
"T029104"
]
},
"release_date": "2023-08-06T22:00:00.000+00:00",
"title": "CVE-2023-31926"
},
{
"cve": "CVE-2023-31432",
"notes": [
{
"category": "description",
"text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T029100",
"T029104"
]
},
"release_date": "2023-08-06T22:00:00.000+00:00",
"title": "CVE-2023-31432"
},
{
"cve": "CVE-2023-31431",
"notes": [
{
"category": "description",
"text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T029100",
"T029104"
]
},
"release_date": "2023-08-06T22:00:00.000+00:00",
"title": "CVE-2023-31431"
},
{
"cve": "CVE-2023-31430",
"notes": [
{
"category": "description",
"text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T029100",
"T029104"
]
},
"release_date": "2023-08-06T22:00:00.000+00:00",
"title": "CVE-2023-31430"
},
{
"cve": "CVE-2023-31429",
"notes": [
{
"category": "description",
"text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T029100",
"T029104"
]
},
"release_date": "2023-08-06T22:00:00.000+00:00",
"title": "CVE-2023-31429"
},
{
"cve": "CVE-2023-31428",
"notes": [
{
"category": "description",
"text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T029100",
"T029104"
]
},
"release_date": "2023-08-06T22:00:00.000+00:00",
"title": "CVE-2023-31428"
},
{
"cve": "CVE-2023-31427",
"notes": [
{
"category": "description",
"text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T029100",
"T029104"
]
},
"release_date": "2023-08-06T22:00:00.000+00:00",
"title": "CVE-2023-31427"
},
{
"cve": "CVE-2023-31426",
"notes": [
{
"category": "description",
"text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T029100",
"T029104"
]
},
"release_date": "2023-08-06T22:00:00.000+00:00",
"title": "CVE-2023-31426"
},
{
"cve": "CVE-2023-31425",
"notes": [
{
"category": "description",
"text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T029100",
"T029104"
]
},
"release_date": "2023-08-06T22:00:00.000+00:00",
"title": "CVE-2023-31425"
},
{
"cve": "CVE-2022-44792",
"notes": [
{
"category": "description",
"text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T029100",
"T029104"
]
},
"release_date": "2023-08-06T22:00:00.000+00:00",
"title": "CVE-2022-44792"
},
{
"cve": "CVE-2022-3786",
"notes": [
{
"category": "description",
"text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T029100",
"T029104"
]
},
"release_date": "2023-08-06T22:00:00.000+00:00",
"title": "CVE-2022-3786"
},
{
"cve": "CVE-2022-3602",
"notes": [
{
"category": "description",
"text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T029100",
"T029104"
]
},
"release_date": "2023-08-06T22:00:00.000+00:00",
"title": "CVE-2022-3602"
},
{
"cve": "CVE-2022-29154",
"notes": [
{
"category": "description",
"text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T029100",
"T029104"
]
},
"release_date": "2023-08-06T22:00:00.000+00:00",
"title": "CVE-2022-29154"
},
{
"cve": "CVE-2022-28615",
"notes": [
{
"category": "description",
"text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T029100",
"T029104"
]
},
"release_date": "2023-08-06T22:00:00.000+00:00",
"title": "CVE-2022-28615"
},
{
"cve": "CVE-2022-28614",
"notes": [
{
"category": "description",
"text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T029100",
"T029104"
]
},
"release_date": "2023-08-06T22:00:00.000+00:00",
"title": "CVE-2022-28614"
},
{
"cve": "CVE-2022-25313",
"notes": [
{
"category": "description",
"text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T029100",
"T029104"
]
},
"release_date": "2023-08-06T22:00:00.000+00:00",
"title": "CVE-2022-25313"
},
{
"cve": "CVE-2022-25236",
"notes": [
{
"category": "description",
"text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T029100",
"T029104"
]
},
"release_date": "2023-08-06T22:00:00.000+00:00",
"title": "CVE-2022-25236"
},
{
"cve": "CVE-2022-25235",
"notes": [
{
"category": "description",
"text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T029100",
"T029104"
]
},
"release_date": "2023-08-06T22:00:00.000+00:00",
"title": "CVE-2022-25235"
},
{
"cve": "CVE-2022-24448",
"notes": [
{
"category": "description",
"text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T029100",
"T029104"
]
},
"release_date": "2023-08-06T22:00:00.000+00:00",
"title": "CVE-2022-24448"
},
{
"cve": "CVE-2022-23219",
"notes": [
{
"category": "description",
"text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T029100",
"T029104"
]
},
"release_date": "2023-08-06T22:00:00.000+00:00",
"title": "CVE-2022-23219"
},
{
"cve": "CVE-2022-2097",
"notes": [
{
"category": "description",
"text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T029100",
"T029104"
]
},
"release_date": "2023-08-06T22:00:00.000+00:00",
"title": "CVE-2022-2097"
},
{
"cve": "CVE-2022-2068",
"notes": [
{
"category": "description",
"text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T029100",
"T029104"
]
},
"release_date": "2023-08-06T22:00:00.000+00:00",
"title": "CVE-2022-2068"
},
{
"cve": "CVE-2022-0778",
"notes": [
{
"category": "description",
"text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T029100",
"T029104"
]
},
"release_date": "2023-08-06T22:00:00.000+00:00",
"title": "CVE-2022-0778"
},
{
"cve": "CVE-2022-0322",
"notes": [
{
"category": "description",
"text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T029100",
"T029104"
]
},
"release_date": "2023-08-06T22:00:00.000+00:00",
"title": "CVE-2022-0322"
},
{
"cve": "CVE-2022-0155",
"notes": [
{
"category": "description",
"text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T029100",
"T029104"
]
},
"release_date": "2023-08-06T22:00:00.000+00:00",
"title": "CVE-2022-0155"
},
{
"cve": "CVE-2021-45486",
"notes": [
{
"category": "description",
"text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T029100",
"T029104"
]
},
"release_date": "2023-08-06T22:00:00.000+00:00",
"title": "CVE-2021-45486"
},
{
"cve": "CVE-2021-45485",
"notes": [
{
"category": "description",
"text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T029100",
"T029104"
]
},
"release_date": "2023-08-06T22:00:00.000+00:00",
"title": "CVE-2021-45485"
},
{
"cve": "CVE-2021-41617",
"notes": [
{
"category": "description",
"text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T029100",
"T029104"
]
},
"release_date": "2023-08-06T22:00:00.000+00:00",
"title": "CVE-2021-41617"
},
{
"cve": "CVE-2021-4145",
"notes": [
{
"category": "description",
"text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T029100",
"T029104"
]
},
"release_date": "2023-08-06T22:00:00.000+00:00",
"title": "CVE-2021-4145"
},
{
"cve": "CVE-2021-39275",
"notes": [
{
"category": "description",
"text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T029100",
"T029104"
]
},
"release_date": "2023-08-06T22:00:00.000+00:00",
"title": "CVE-2021-39275"
},
{
"cve": "CVE-2021-3800",
"notes": [
{
"category": "description",
"text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T029100",
"T029104"
]
},
"release_date": "2023-08-06T22:00:00.000+00:00",
"title": "CVE-2021-3800"
},
{
"cve": "CVE-2021-20193",
"notes": [
{
"category": "description",
"text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T029100",
"T029104"
]
},
"release_date": "2023-08-06T22:00:00.000+00:00",
"title": "CVE-2021-20193"
},
{
"cve": "CVE-2021-0146",
"notes": [
{
"category": "description",
"text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T029100",
"T029104"
]
},
"release_date": "2023-08-06T22:00:00.000+00:00",
"title": "CVE-2021-0146"
},
{
"cve": "CVE-2020-36558",
"notes": [
{
"category": "description",
"text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T029100",
"T029104"
]
},
"release_date": "2023-08-06T22:00:00.000+00:00",
"title": "CVE-2020-36558"
},
{
"cve": "CVE-2020-36557",
"notes": [
{
"category": "description",
"text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T029100",
"T029104"
]
},
"release_date": "2023-08-06T22:00:00.000+00:00",
"title": "CVE-2020-36557"
},
{
"cve": "CVE-2020-15861",
"notes": [
{
"category": "description",
"text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T029100",
"T029104"
]
},
"release_date": "2023-08-06T22:00:00.000+00:00",
"title": "CVE-2020-15861"
},
{
"cve": "CVE-2020-14145",
"notes": [
{
"category": "description",
"text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T029100",
"T029104"
]
},
"release_date": "2023-08-06T22:00:00.000+00:00",
"title": "CVE-2020-14145"
},
{
"cve": "CVE-2019-0220",
"notes": [
{
"category": "description",
"text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T029100",
"T029104"
]
},
"release_date": "2023-08-06T22:00:00.000+00:00",
"title": "CVE-2019-0220"
},
{
"cve": "CVE-2018-7738",
"notes": [
{
"category": "description",
"text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T029100",
"T029104"
]
},
"release_date": "2023-08-06T22:00:00.000+00:00",
"title": "CVE-2018-7738"
},
{
"cve": "CVE-2018-25032",
"notes": [
{
"category": "description",
"text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T029100",
"T029104"
]
},
"release_date": "2023-08-06T22:00:00.000+00:00",
"title": "CVE-2018-25032"
},
{
"cve": "CVE-2018-14404",
"notes": [
{
"category": "description",
"text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T029100",
"T029104"
]
},
"release_date": "2023-08-06T22:00:00.000+00:00",
"title": "CVE-2018-14404"
},
{
"cve": "CVE-2018-14348",
"notes": [
{
"category": "description",
"text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T029100",
"T029104"
]
},
"release_date": "2023-08-06T22:00:00.000+00:00",
"title": "CVE-2018-14348"
},
{
"cve": "CVE-2018-0739",
"notes": [
{
"category": "description",
"text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T029100",
"T029104"
]
},
"release_date": "2023-08-06T22:00:00.000+00:00",
"title": "CVE-2018-0739"
},
{
"cve": "CVE-2014-2524",
"notes": [
{
"category": "description",
"text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T029100",
"T029104"
]
},
"release_date": "2023-08-06T22:00:00.000+00:00",
"title": "CVE-2014-2524"
},
{
"cve": "CVE-2012-0060",
"notes": [
{
"category": "description",
"text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T029100",
"T029104"
]
},
"release_date": "2023-08-06T22:00:00.000+00:00",
"title": "CVE-2012-0060"
},
{
"cve": "CVE-2011-4917",
"notes": [
{
"category": "description",
"text": "In HPE Fabric OS f\u00fcr HPE Fibre Channel und SAN Switches existieren mehrere Schwachstellen. Diese werden nicht einzeln im Detail beschrieben. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, Informationen offenzulegen, oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T029100",
"T029104"
]
},
"release_date": "2023-08-06T22:00:00.000+00:00",
"title": "CVE-2011-4917"
}
]
}
ICSA-25-162-05
Vulnerability from csaf_cisa - Published: 2025-06-10 00:00 - Updated: 2025-08-12 00:00Summary
Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1.5
Notes
Summary
Multiple vulnerabilities have been identified in the additional GNU/Linux subsystem of the firmware version V3.1.5 for the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP (incl. SIPLUS variant).
Siemens is preparing fix versions and recommends countermeasures for products where fixes are not, or not yet available.
General Recommendations
As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download:
https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use
The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Advisory Conversion Disclaimer
This ICSA is a verbatim republication of Siemens ProductCERT SSA-082556 from a direct conversion of the vendor's Common Security Advisory Framework (CSAF) advisory. This is republished to CISA's website as a means of increasing visibility and is provided "as-is" for informational purposes only. CISA is not responsible for the editorial or technical accuracy of republished advisories and provides no warranties of any kind regarding any information contained within this advisory. Further, CISA does not endorse any commercial product or service. Please contact Siemens ProductCERT directly for any questions regarding this advisory.
Critical infrastructure sectors
Critical Manufacturing, Transportation Systems, Energy, Healthcare and Public Health, Financial Services, Government Services and Facilities
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.
Recommended Practices
Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.
Recommended Practices
Locate control system networks and remote devices behind firewalls and isolate them from business networks.
Recommended Practices
When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
{
"document": {
"acknowledgments": [
{
"organization": "Siemens ProductCERT",
"summary": "reporting these vulnerabilities to CISA."
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Multiple vulnerabilities have been identified in the additional GNU/Linux subsystem of the firmware version V3.1.5 for the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP (incl. SIPLUS variant).\n\nSiemens is preparing fix versions and recommends countermeasures for products where fixes are not, or not yet available.",
"title": "Summary"
},
{
"category": "general",
"text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"title": "General Recommendations"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.",
"title": "Terms of Use"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "other",
"text": "This ICSA is a verbatim republication of Siemens ProductCERT SSA-082556 from a direct conversion of the vendor\u0027s Common Security Advisory Framework (CSAF) advisory. This is republished to CISA\u0027s website as a means of increasing visibility and is provided \"as-is\" for informational purposes only. CISA is not responsible for the editorial or technical accuracy of republished advisories and provides no warranties of any kind regarding any information contained within this advisory. Further, CISA does not endorse any commercial product or service. Please contact Siemens ProductCERT directly for any questions regarding this advisory.",
"title": "Advisory Conversion Disclaimer"
},
{
"category": "other",
"text": "Critical Manufacturing, Transportation Systems, Energy, Healthcare and Public Health, Financial Services, Government Services and Facilities",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Germany",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Locate control system networks and remote devices behind firewalls and isolate them from business networks.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
}
],
"publisher": {
"category": "other",
"contact_details": "central@cisa.dhs.gov",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "SSA-082556: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1.5 - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-082556.json"
},
{
"category": "self",
"summary": "SSA-082556: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1.5 - HTML Version",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-082556.html"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-25-162-05 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2025/icsa-25-162-05.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-25-162-05 - Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-162-05"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/topics/industrial-control-systems"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
}
],
"title": "Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1.5",
"tracking": {
"current_release_date": "2025-08-12T00:00:00.000000Z",
"generator": {
"date": "2025-08-14T23:08:52.425782Z",
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-25-162-05",
"initial_release_date": "2025-06-10T00:00:00.000000Z",
"revision_history": [
{
"date": "2025-06-10T00:00:00.000000Z",
"legacy_version": "1.0",
"number": "1",
"summary": "Publication Date"
},
{
"date": "2025-08-12T00:00:00.000000Z",
"legacy_version": "1.1",
"number": "2",
"summary": "Added CVE-2025-6395, CVE-2025-32988, CVE-2025-32989, CVE-2025-32990"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003e=3.1.5",
"product": {
"name": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)",
"product_id": "CSAFPID-0001",
"product_identification_helper": {
"model_numbers": [
"6ES7518-4AX00-1AB0"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003e=3.1.5",
"product": {
"name": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)",
"product_id": "CSAFPID-0002",
"product_identification_helper": {
"model_numbers": [
"6ES7518-4AX00-1AC0"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003e=3.1.5",
"product": {
"name": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)",
"product_id": "CSAFPID-0003",
"product_identification_helper": {
"model_numbers": [
"6ES7518-4FX00-1AB0"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003e=3.1.5",
"product": {
"name": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)",
"product_id": "CSAFPID-0004",
"product_identification_helper": {
"model_numbers": [
"6ES7518-4FX00-1AC0"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003e=3.1.5",
"product": {
"name": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)",
"product_id": "CSAFPID-0005",
"product_identification_helper": {
"model_numbers": [
"6AG1518-4AX00-4AC0"
]
}
}
}
],
"category": "product_name",
"name": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-41617",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2021-41617"
},
{
"cve": "CVE-2023-4527",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data, and may cause a crash.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2023-4527"
},
{
"cve": "CVE-2023-4806",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the _nss_*_gethostbyname2_r and _nss_*_getcanonname_r hooks without implementing the _nss_*_gethostbyname3_r hook. The resolved name should return a large number of IPv6 and IPv4, and the call to the getaddrinfo function should have the AF_INET6 address family with AI_CANONNAME, AI_ALL and AI_V4MAPPED as flags.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2023-4806"
},
{
"cve": "CVE-2023-4911",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"notes": [
{
"category": "summary",
"text": "A buffer overflow was discovered in the GNU C Library\u0027s dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2023-4911"
},
{
"cve": "CVE-2023-5363",
"cwe": {
"id": "CWE-684",
"name": "Incorrect Provision of Specified Functionality"
},
"notes": [
{
"category": "summary",
"text": "Issue summary: A bug has been identified in the processing of key and initialisation vector (IV) lengths. This can lead to potential truncation or overruns during the initialisation of some symmetric ciphers. Impact summary: A truncation in the IV can result in non-uniqueness, which could result in loss of confidentiality for some cipher modes. When calling EVP_EncryptInit_ex2(), EVP_DecryptInit_ex2() or EVP_CipherInit_ex2() the provided OSSL_PARAM array is processed after the key and IV have been established. Any alterations to the key length, via the \"keylen\" parameter or the IV length, via the \"ivlen\" parameter, within the OSSL_PARAM array will not take effect as intended, potentially causing truncation or overreading of these values. The following ciphers and cipher modes are impacted: RC2, RC4, RC5, CCM, GCM and OCB. For the CCM, GCM and OCB cipher modes, truncation of the IV can result in loss of confidentiality. For example, when following NIST\u0027s SP 800-38D section 8.2.1 guidance for constructing a deterministic IV for AES in GCM mode, truncation of the counter portion could lead to IV reuse. Both truncations and overruns of the key and overruns of the IV will produce incorrect results and could, in some cases, trigger a memory exception. However, these issues are not currently assessed as security critical. Changing the key and/or IV lengths is not considered to be a common operation and the vulnerable API was recently introduced. Furthermore it is likely that application developers will have spotted this problem during testing since decryption would fail unless both peers in the communication were similarly vulnerable. For these reasons we expect the probability of an application being vulnerable to this to be quite low. However if an application is vulnerable then this issue is considered very serious. For these reasons we have assessed this issue as Moderate severity overall. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this because the issue lies outside of the FIPS provider boundary. OpenSSL 3.1 and 3.0 are vulnerable to this issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2023-5363"
},
{
"cve": "CVE-2023-6246",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "A heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when the openlog function was not called, or called with the ident argument set to NULL, and the program name (the basename of argv[0]) is bigger than 1024 bytes, resulting in an application crash or local privilege escalation. This issue affects glibc 2.36 and newer.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2023-6246"
},
{
"cve": "CVE-2023-6779",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "An off-by-one heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a message bigger than INT_MAX bytes, leading to an incorrect calculation of the buffer size to store the message, resulting in an application crash. This issue affects glibc 2.37 and newer.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2023-6779"
},
{
"cve": "CVE-2023-6780",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"notes": [
{
"category": "summary",
"text": "An integer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a very long message, leading to an incorrect calculation of the buffer size to store the message, resulting in undefined behavior. This issue affects glibc 2.37 and newer.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2023-6780"
},
{
"cve": "CVE-2023-28531",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2023-28531"
},
{
"cve": "CVE-2023-38545",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "summary",
"text": "This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake.\r\n\r\nWhen curl is asked to pass along the hostname to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that hostname can be is 255 bytes.\r\n\r\nIf the hostname is detected to be longer than 255 bytes, curl switches to local name resolving and instead passes on the resolved address only to the proxy. Due to a bug, the local variable that means \"let the host resolve the name\" could get the wrong value during a slow SOCKS5 handshake, and contrary to the intention, copy the too long hostname to the target buffer instead of copying just the resolved address there.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2023-38545"
},
{
"cve": "CVE-2023-38546",
"cwe": {
"id": "CWE-73",
"name": "External Control of File Name or Path"
},
"notes": [
{
"category": "summary",
"text": "This flaw allows an attacker to insert cookies at will into a running program\r\nusing libcurl, if the specific series of conditions are met.\r\n\r\nlibcurl performs transfers. In its API, an application creates \"easy handles\"\r\nthat are the individual handles for single transfers.\r\n\r\nlibcurl provides a function call that duplicates en easy handle called\r\n[curl_easy_duphandle](https://curl.se/libcurl/c/curl_easy_duphandle.html).\r\n\r\nIf a transfer has cookies enabled when the handle is duplicated, the\r\ncookie-enable state is also cloned - but without cloning the actual\r\ncookies. If the source handle did not read any cookies from a specific file on\r\ndisk, the cloned version of the handle would instead store the file name as\r\n`none` (using the four ASCII letters, no quotes).\r\n\r\nSubsequent use of the cloned handle that does not explicitly set a source to\r\nload cookies from would then inadvertently load cookies from a file named\r\n`none` - if such a file exists and is readable in the current directory of the\r\nprogram using libcurl. And if using the correct file format of course.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2023-38546"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "summary",
"text": "The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2023-44487"
},
{
"cve": "CVE-2023-46218",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "This flaw allows a malicious HTTP server to set \"super cookies\" in curl that are then passed back to more origins than what is otherwise allowed or possible. This allows a site to set cookies that then would get sent to different and unrelated sites and domains. It could do this by exploiting a mixed case flaw in curl\u0027s function that verifies a given cookie domain against the Public Suffix List (PSL). For example a cookie could be set with `domain=co.UK` when the URL used a lower case hostname `curl.co.uk`, even though `co.uk` is listed as a PSL domain.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2023-46218"
},
{
"cve": "CVE-2023-46219",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "When saving HSTS data to an excessively long file name, curl could end up removing all contents, making subsequent requests using that file unaware of the HSTS status they should otherwise use.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2023-46219"
},
{
"cve": "CVE-2023-48795",
"cwe": {
"id": "CWE-222",
"name": "Truncation of Security-relevant Information"
},
"notes": [
{
"category": "summary",
"text": "The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH\u0027s use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust; and there could be effects on Bitvise SSH through 9.31.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2023-48795"
},
{
"cve": "CVE-2023-51384",
"cwe": {
"id": "CWE-304",
"name": "Missing Critical Step in Authentication"
},
"notes": [
{
"category": "summary",
"text": "In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token returns multiple keys.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2023-51384"
},
{
"cve": "CVE-2023-51385",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2023-51385"
},
{
"cve": "CVE-2023-52927",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "netfilter: allow exp not to be removed in nf_ct_find_expectation Currently nf_conntrack_in() calling nf_ct_find_expectation() will remove the exp from the hash table. However, in some scenario, we expect the exp not to be removed when the created ct will not be confirmed, like in OVS and TC conntrack in the following patches. This patch allows exp not to be removed by setting IPS_CONFIRMED in the status of the tmpl.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2023-52927"
},
{
"cve": "CVE-2024-2961",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2024-2961"
},
{
"cve": "CVE-2024-6119",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"notes": [
{
"category": "summary",
"text": "Applications performing certificate name checks (e.g., TLS clients checking server certificates) may attempt to read an invalid memory address resulting in abnormal termination of the application process. Impact summary: Abnormal termination of an application can a cause a denial of service. Applications performing certificate name checks (e.g., TLS clients checking server certificates) may attempt to read an invalid memory address when comparing the expected name with an `otherName` subject alternative name of an X.509 certificate. This may result in an exception that terminates the application program. Note that basic certificate chain validation (signatures, dates, ...) is not affected, the denial of service can occur only when the application also specifies an expected DNS name, Email address or IP address. TLS servers rarely solicit client certificates, and even when they do, they generally don\u0027t perform a name check against a reference identifier (expected identity), but rather extract the presented identity after checking the certificate chain. So TLS servers are generally not affected and the severity of the issue is Moderate. The FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2024-6119"
},
{
"cve": "CVE-2024-6387",
"cwe": {
"id": "CWE-364",
"name": "Signal Handler Race Condition"
},
"notes": [
{
"category": "summary",
"text": "A security regression (CVE-2006-5051) was discovered in OpenSSH\u0027s server (sshd). There is a race condition which can lead to sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2024-6387"
},
{
"cve": "CVE-2024-12133",
"cwe": {
"id": "CWE-407",
"name": "Inefficient Algorithmic Complexity"
},
"notes": [
{
"category": "summary",
"text": "A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a certificate, libtasn1 takes much longer than expected, which can slow down or even crash the system. This flaw allows an attacker to send a specially crafted certificate, causing a denial of service attack.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2024-12133"
},
{
"cve": "CVE-2024-12243",
"cwe": {
"id": "CWE-407",
"name": "Inefficient Algorithmic Complexity"
},
"notes": [
{
"category": "summary",
"text": "A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing. Due to an inefficient algorithm in libtasn1, decoding certain DER-encoded certificate data can take excessive time, leading to increased resource consumption. This flaw allows a remote attacker to send a specially crafted certificate, causing GnuTLS to become unresponsive or slow, resulting in a denial-of-service condition.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2024-12243"
},
{
"cve": "CVE-2024-24855",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "A race condition was found in the Linux kernel\u0027s scsi device driver in lpfc_unregister_fcf_rescan() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2024-24855"
},
{
"cve": "CVE-2024-26596",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "net: dsa: netdev_priv() dereference before check on non-DSA netdevice events.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2024-26596"
},
{
"cve": "CVE-2024-28085",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users\u0027 terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2024-28085"
},
{
"cve": "CVE-2024-33599",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"notes": [
{
"category": "summary",
"text": "nscd: Stack-based buffer overflow in netgroup cache\r\n\r\nIf the Name Service Cache Daemon\u0027s (nscd) fixed size cache is exhausted\r\nby client requests then a subsequent client request for netgroup data\r\nmay result in a stack-based buffer overflow. This flaw was introduced\r\nin glibc 2.15 when the cache was added to nscd.\r\n\r\nThis vulnerability is only present in the nscd binary.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2024-33599"
},
{
"cve": "CVE-2024-33600",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "nscd: Null pointer crashes after notfound response\r\n\r\nIf the Name Service Cache Daemon\u0027s (nscd) cache fails to add a not-found\r\nnetgroup response to the cache, the client request can result in a null\r\npointer dereference. This flaw was introduced in glibc 2.15 when the\r\ncache was added to nscd.\r\n\r\nThis vulnerability is only present in the nscd binary.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2024-33600"
},
{
"cve": "CVE-2024-33601",
"cwe": {
"id": "CWE-617",
"name": "Reachable Assertion"
},
"notes": [
{
"category": "summary",
"text": "nscd: netgroup cache may terminate daemon on memory allocation failure\r\n\r\nThe Name Service Cache Daemon\u0027s (nscd) netgroup cache uses xmalloc or\r\nxrealloc and these functions may terminate the process due to a memory\r\nallocation failure resulting in a denial of service to the clients. The\r\nflaw was introduced in glibc 2.15 when the cache was added to nscd.\r\n\r\nThis vulnerability is only present in the nscd binary.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2024-33601"
},
{
"cve": "CVE-2024-33602",
"cwe": {
"id": "CWE-466",
"name": "Return of Pointer Value Outside of Expected Range"
},
"notes": [
{
"category": "summary",
"text": "nscd: netgroup cache assumes NSS callback uses in-buffer strings\r\n\r\nThe Name Service Cache Daemon\u0027s (nscd) netgroup cache can corrupt memory\r\nwhen the NSS callback does not store all strings in the provided buffer.\r\nThe flaw was introduced in glibc 2.15 when the cache was added to nscd.\r\n\r\nThis vulnerability is only present in the nscd binary.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2024-33602"
},
{
"cve": "CVE-2024-34397",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a GDBus-based client subscribes to signals from a trusted system service such as NetworkManager on a shared computer, other users of the same computer can send spoofed D-Bus signals that the GDBus-based client will wrongly interpret as having been sent by the trusted system service. This could lead to the GDBus-based client behaving incorrectly, with an application-dependent impact.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2024-34397"
},
{
"cve": "CVE-2024-37370",
"cwe": {
"id": "CWE-130",
"name": "Improper Handling of Length Parameter Inconsistency"
},
"notes": [
{
"category": "summary",
"text": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2024-37370"
},
{
"cve": "CVE-2024-37371",
"cwe": {
"id": "CWE-130",
"name": "Improper Handling of Length Parameter Inconsistency"
},
"notes": [
{
"category": "summary",
"text": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2024-37371"
},
{
"cve": "CVE-2024-45490",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2024-45490"
},
{
"cve": "CVE-2024-45491",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms (where UINT_MAX equals SIZE_MAX).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2024-45491"
},
{
"cve": "CVE-2024-45492",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for m_groupSize on 32-bit platforms (where UINT_MAX equals SIZE_MAX).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2024-45492"
},
{
"cve": "CVE-2024-50246",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nfs/ntfs3: Add rough attr alloc_size check",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2024-50246"
},
{
"cve": "CVE-2024-53166",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "block, bfq: bfqq uaf in bfq_limit_depth() Set new allocated bfqq to bic or remove freed bfqq from bic are both protected by bfqd-\u003elock, however bfq_limit_depth() is deferencing bfqq from bic without the lock, this can lead to UAF if the io_context is shared by multiple tasks.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2024-53166"
},
{
"cve": "CVE-2024-57977",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "summary",
"text": "memcg: A soft lockup vulnerability in the product with about 56,000 tasks were in the OOM cgroup, it was traversing them when the soft lockup was triggered.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2024-57977"
},
{
"cve": "CVE-2024-57996",
"cwe": {
"id": "CWE-129",
"name": "Improper Validation of Array Index"
},
"notes": [
{
"category": "summary",
"text": "net_sched: sch_sfq: vulnerability caused by incorrectly handling a packet limit of 1, leading to an array-index-out-of-bounds error and subsequent crash when the queue length is decremented for an empty slot.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2024-57996"
},
{
"cve": "CVE-2024-58005",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "tpm: Change to kvalloc() in eventlog/acpi.c.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2024-58005"
},
{
"cve": "CVE-2025-4373",
"cwe": {
"id": "CWE-124",
"name": "Buffer Underwrite (\u0027Buffer Underflow\u0027)"
},
"notes": [
{
"category": "summary",
"text": "GLib is vulnerable to an integer overflow in the g_string_insert_unichar() function. When the position at which to insert the character is large, the position will overflow, leading to a buffer underwrite.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2025-4373"
},
{
"cve": "CVE-2025-4598",
"cwe": {
"id": "CWE-364",
"name": "Signal Handler Race Condition"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original\u0027s privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process.\r\n\r\nA SUID binary or process has a special type of permission, which allows the process to run with the file owner\u0027s permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original\u0027s SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2025-4598"
},
{
"cve": "CVE-2025-6395",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "A NULL pointer dereference flaw was found in the GnuTLS software in _gnutls_figure_common_ciphersuite().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2025-6395"
},
{
"cve": "CVE-2025-21701",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "net: vulnerability arises because unregister_netdevice_many_notify might run before the rtnl lock section of ethnl operations, leading to potential use of destroyed locks, which is fixed by denying operations on devices being unregistered.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2025-21701"
},
{
"cve": "CVE-2025-21702",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "pfifo_tail_enqueue: Drop new packet when sch-\u003elimit == 0.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2025-21702"
},
{
"cve": "CVE-2025-21712",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "md/md-bitmap: vulnerability caused by bitmap_get_stats() can be called even if the bitmap is destroyed or not fully initialized, leading to a kernel crash, which is fixed by synchronizing bitmap_get_stats() with bitmap_info.mutex.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2025-21712"
},
{
"cve": "CVE-2025-21724",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "iommufd/iova_bitmap: Fix shift-out-of-bounds in iova_bitmap_offset_to_index(). Resolve a UBSAN shift-out-of-bounds issue in iova_bitmap_offset_to_index() where shifting the constant \"1\" (of type int) by bitmap-\u003emapped.pgshift (an unsigned long value) could result in undefined behavior. The constant \"1\" defaults to a 32-bit \"int\", and when \"pgshift\" exceeds 31 (e.g., pgshift = 63) the shift operation overflows, as the result cannot be represented in a 32-bit type.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2025-21724"
},
{
"cve": "CVE-2025-21728",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "bpf: Send signals asynchronously if !preemptible BPF programs can execute in all kinds of contexts and when a program running in a non-preemptible context uses the bpf_send_signal() kfunc, it will cause issues because this kfunc can sleep.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2025-21728"
},
{
"cve": "CVE-2025-21745",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nblk-cgroup: Fix class @block_class\u0027s subsystem refcount leakage\r\n\r\nblkcg_fill_root_iostats() iterates over @block_class\u0027s devices by\r\nclass_dev_iter_(init|next)(), but does not end iterating with\r\nclass_dev_iter_exit(), so causes the class\u0027s subsystem refcount leakage.\r\n\r\nFix by ending the iterating with class_dev_iter_exit().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2025-21745"
},
{
"cve": "CVE-2025-21756",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "vsock: Keep the binding until socket destruction Preserve sockets bindings; this includes both resulting from an explicit bind() and those implicitly bound through autobind during connect().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2025-21756"
},
{
"cve": "CVE-2025-21758",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "ipv6: mcast: add RCU protection to mld_newpack() mld_newpack() can be called without RTNL or RCU being held.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2025-21758"
},
{
"cve": "CVE-2025-21765",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "ipv6: use RCU protection in ip6_default_advmss() ip6_default_advmss() needs rcu protection to make sure the net structure it reads does not disappear.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2025-21765"
},
{
"cve": "CVE-2025-21766",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "ipv4: use RCU protection in __ip_rt_update_pmtu(). __ip_rt_update_pmtu() must use RCU protection to make sure the net structure it reads does not disappear.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2025-21766"
},
{
"cve": "CVE-2025-21767",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: clocksource: Use migrate_disable() to avoid calling get_random_u32() in atomic context The following bug report happened with a PREEMPT_RT kernel: BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48 in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 2012, name: kwatchdog preempt_count: 1, expected: 0 RCU nest depth: 0, expected: 0 get_random_u32+0x4f/0x110 clocksource_verify_choose_cpus+0xab/0x1a0 clocksource_verify_percpu.part.0+0x6b/0x330 clocksource_watchdog_kthread+0x193/0x1a0 It is due to the fact that clocksource_verify_choose_cpus() is invoked with preemption disabled. This function invokes get_random_u32() to obtain random numbers for choosing CPUs. The batched_entropy_32 local lock and/or the base_crng.lock spinlock in driver/char/random.c will be acquired during the call. In PREEMPT_RT kernel, they are both sleeping locks and so cannot be acquired in atomic context. Fix this problem by using migrate_disable() to allow smp_processor_id() to be reliably used without introducing atomic context. preempt_disable() is then called after clocksource_verify_choose_cpus() but before the clocksource measurement is being run to avoid introducing unexpected latency.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2025-21767"
},
{
"cve": "CVE-2025-21795",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "NFSD: hang in nfsd4_shutdown_callback. If nfs4_client is in courtesy state then there is no point to send the callback. This causes nfsd4_shutdown_callback to hang since cl_cb_inflight is not 0. This hang lasts about 15 minutes until TCP notifies NFSD that the connection was dropped.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2025-21795"
},
{
"cve": "CVE-2025-21796",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "nfsd: clear acl_access/acl_default after releasing them If getting acl_default fails, acl_access and acl_default will be released simultaneously.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2025-21796"
},
{
"cve": "CVE-2025-21848",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnfp: bpf: Add check for nfp_app_ctrl_msg_alloc()\r\n\r\nAdd check for the return value of nfp_app_ctrl_msg_alloc() in\r\nnfp_bpf_cmsg_alloc() to prevent null pointer dereference.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2025-21848"
},
{
"cve": "CVE-2025-21862",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "summary",
"text": "drop_monitor: incorrect initialization order. If drop_monitor is built as a kernel module, syzkaller may have time to send a netlink NET_DM_CMD_START message during the module loading. This will call the net_dm_monitor_start() function that uses a spinlock that has not yet been initialized.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2025-21862"
},
{
"cve": "CVE-2025-21864",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ntcp: drop secpath at the same time as we currently drop dst\r\n\r\nXiumei reported hitting the WARN in xfrm6_tunnel_net_exit while\r\nrunning tests that boil down to:\r\n - create a pair of netns\r\n - run a basic TCP test over ipcomp6\r\n - delete the pair of netns\r\n\r\nThe xfrm_state found on spi_byaddr was not deleted at the time we\r\ndelete the netns, because we still have a reference on it. This\r\nlingering reference comes from a secpath (which holds a ref on the\r\nxfrm_state), which is still attached to an skb. This skb is not\r\nleaked, it ends up on sk_receive_queue and then gets defer-free\u0027d by\r\nskb_attempt_defer_free.\r\n\r\nThe problem happens when we defer freeing an skb (push it on one CPU\u0027s\r\ndefer_list), and don\u0027t flush that list before the netns is deleted. In\r\nthat case, we still have a reference on the xfrm_state that we don\u0027t\r\nexpect at this point.\r\n\r\nWe already drop the skb\u0027s dst in the TCP receive path when it\u0027s no\r\nlonger needed, so let\u0027s also drop the secpath. At this point,\r\ntcp_filter has already called into the LSM hooks that may require the\r\nsecpath, so it should not be needed anymore. However, in some of those\r\nplaces, the MPTCP extension has just been attached to the skb, so we\r\ncannot simply drop all extensions.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2025-21864"
},
{
"cve": "CVE-2025-21865",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "gtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl(). Commit eb28fd76c0a0 (\"gtp: Destroy device along with udp socket\u0027s netns dismantle.\") added the for_each_netdev() loop in gtp_net_exit_batch_rtnl() to destroy devices in each netns as done in geneve and ip tunnels. However, this could trigger -\u003edellink() twice for the same device during -\u003eexit_batch_rtnl().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2025-21865"
},
{
"cve": "CVE-2025-26465",
"cwe": {
"id": "CWE-390",
"name": "Detection of Error Condition Without Action"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client\u0027s memory resource first, turning the attack complexity high.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2025-26465"
},
{
"cve": "CVE-2025-31115",
"cwe": {
"id": "CWE-826",
"name": "Premature Release of Resource During Expected Lifetime"
},
"notes": [
{
"category": "summary",
"text": "The threaded .xz decoder in liblzma has a vulnerability that can at least result in a crash (denial of service). The effects include heap use after free and writing to an address based on the null pointer plus an offset.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2025-31115"
},
{
"cve": "CVE-2025-32988",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "summary",
"text": "A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name (SAN) entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1_delete_structure() on an ASN.1 node it does not own, leading to a double-free condition when the parent function or caller later attempts to free the same structure. This vulnerability can be triggered using only public GnuTLS APIs and may result in denial of service or memory corruption, depending on allocator behavior.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2025-32988"
},
{
"cve": "CVE-2025-32989",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"notes": [
{
"category": "summary",
"text": "A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Certificate Timestamp (SCT) extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension (OID 1.3.6.1.4.1.11129.2.4.2) that contains sensitive data. This issue leads to the exposure of confidential information when GnuTLS verifies certificates from certain websites when the certificate (SCT) is not checked correctly.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2025-32989"
},
{
"cve": "CVE-2025-46836",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "net-tools is a collection of programs that form the base set of the NET-3 networking distribution for the Linux operating system. Inn versions up to and including 2.10, the Linux network utilities (like ifconfig) from the net-tools package do not properly validate the structure of /proc files when showing interfaces. `get_name()` in `interface.c` copies interface labels from `/proc/net/dev` into a fixed 16-byte stack buffer without bounds checking, leading to possible arbitrary code execution or crash. The known attack path does not require privilege but also does not provide privilege escalation in this scenario. A patch is available and expected to be part of version 2.20.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
],
"title": "CVE-2025-46836"
}
]
}
OPENSUSE-SU-2021:3950-1
Vulnerability from csaf_opensuse - Published: 2021-12-06 13:59 - Updated: 2021-12-06 13:59Summary
Security update for openssh
Notes
Title of the patch
Security update for openssh
Description of the patch
This update for openssh fixes the following issues:
- CVE-2021-41617: Fixed privilege escalation when AuthorizedKeysCommand/AuthorizedPrincipalsCommand are configured (bsc#1190975).
Patchnames
openSUSE-SLE-15.3-2021-3950
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for openssh",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for openssh fixes the following issues:\n\n- CVE-2021-41617: Fixed privilege escalation when AuthorizedKeysCommand/AuthorizedPrincipalsCommand are configured (bsc#1190975).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-SLE-15.3-2021-3950",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2021_3950-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2021:3950-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/BEK24NI33V77MMNQQN72LO2RGAF23X76/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2021:3950-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/BEK24NI33V77MMNQQN72LO2RGAF23X76/"
},
{
"category": "self",
"summary": "SUSE Bug 1190975",
"url": "https://bugzilla.suse.com/1190975"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-41617 page",
"url": "https://www.suse.com/security/cve/CVE-2021-41617/"
}
],
"title": "Security update for openssh",
"tracking": {
"current_release_date": "2021-12-06T13:59:54Z",
"generator": {
"date": "2021-12-06T13:59:54Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2021:3950-1",
"initial_release_date": "2021-12-06T13:59:54Z",
"revision_history": [
{
"date": "2021-12-06T13:59:54Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "openssh-8.4p1-3.6.1.aarch64",
"product": {
"name": "openssh-8.4p1-3.6.1.aarch64",
"product_id": "openssh-8.4p1-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-8.4p1-3.6.1.aarch64",
"product": {
"name": "openssh-askpass-gnome-8.4p1-3.6.1.aarch64",
"product_id": "openssh-askpass-gnome-8.4p1-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-cavs-8.4p1-3.6.1.aarch64",
"product": {
"name": "openssh-cavs-8.4p1-3.6.1.aarch64",
"product_id": "openssh-cavs-8.4p1-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-clients-8.4p1-3.6.1.aarch64",
"product": {
"name": "openssh-clients-8.4p1-3.6.1.aarch64",
"product_id": "openssh-clients-8.4p1-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-common-8.4p1-3.6.1.aarch64",
"product": {
"name": "openssh-common-8.4p1-3.6.1.aarch64",
"product_id": "openssh-common-8.4p1-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-fips-8.4p1-3.6.1.aarch64",
"product": {
"name": "openssh-fips-8.4p1-3.6.1.aarch64",
"product_id": "openssh-fips-8.4p1-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-helpers-8.4p1-3.6.1.aarch64",
"product": {
"name": "openssh-helpers-8.4p1-3.6.1.aarch64",
"product_id": "openssh-helpers-8.4p1-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-server-8.4p1-3.6.1.aarch64",
"product": {
"name": "openssh-server-8.4p1-3.6.1.aarch64",
"product_id": "openssh-server-8.4p1-3.6.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-8.4p1-3.6.1.ppc64le",
"product": {
"name": "openssh-8.4p1-3.6.1.ppc64le",
"product_id": "openssh-8.4p1-3.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-8.4p1-3.6.1.ppc64le",
"product": {
"name": "openssh-askpass-gnome-8.4p1-3.6.1.ppc64le",
"product_id": "openssh-askpass-gnome-8.4p1-3.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-cavs-8.4p1-3.6.1.ppc64le",
"product": {
"name": "openssh-cavs-8.4p1-3.6.1.ppc64le",
"product_id": "openssh-cavs-8.4p1-3.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-clients-8.4p1-3.6.1.ppc64le",
"product": {
"name": "openssh-clients-8.4p1-3.6.1.ppc64le",
"product_id": "openssh-clients-8.4p1-3.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-common-8.4p1-3.6.1.ppc64le",
"product": {
"name": "openssh-common-8.4p1-3.6.1.ppc64le",
"product_id": "openssh-common-8.4p1-3.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-fips-8.4p1-3.6.1.ppc64le",
"product": {
"name": "openssh-fips-8.4p1-3.6.1.ppc64le",
"product_id": "openssh-fips-8.4p1-3.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-helpers-8.4p1-3.6.1.ppc64le",
"product": {
"name": "openssh-helpers-8.4p1-3.6.1.ppc64le",
"product_id": "openssh-helpers-8.4p1-3.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-server-8.4p1-3.6.1.ppc64le",
"product": {
"name": "openssh-server-8.4p1-3.6.1.ppc64le",
"product_id": "openssh-server-8.4p1-3.6.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-8.4p1-3.6.1.s390x",
"product": {
"name": "openssh-8.4p1-3.6.1.s390x",
"product_id": "openssh-8.4p1-3.6.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-8.4p1-3.6.1.s390x",
"product": {
"name": "openssh-askpass-gnome-8.4p1-3.6.1.s390x",
"product_id": "openssh-askpass-gnome-8.4p1-3.6.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-cavs-8.4p1-3.6.1.s390x",
"product": {
"name": "openssh-cavs-8.4p1-3.6.1.s390x",
"product_id": "openssh-cavs-8.4p1-3.6.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-clients-8.4p1-3.6.1.s390x",
"product": {
"name": "openssh-clients-8.4p1-3.6.1.s390x",
"product_id": "openssh-clients-8.4p1-3.6.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-common-8.4p1-3.6.1.s390x",
"product": {
"name": "openssh-common-8.4p1-3.6.1.s390x",
"product_id": "openssh-common-8.4p1-3.6.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-fips-8.4p1-3.6.1.s390x",
"product": {
"name": "openssh-fips-8.4p1-3.6.1.s390x",
"product_id": "openssh-fips-8.4p1-3.6.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-helpers-8.4p1-3.6.1.s390x",
"product": {
"name": "openssh-helpers-8.4p1-3.6.1.s390x",
"product_id": "openssh-helpers-8.4p1-3.6.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-server-8.4p1-3.6.1.s390x",
"product": {
"name": "openssh-server-8.4p1-3.6.1.s390x",
"product_id": "openssh-server-8.4p1-3.6.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-8.4p1-3.6.1.x86_64",
"product": {
"name": "openssh-8.4p1-3.6.1.x86_64",
"product_id": "openssh-8.4p1-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-askpass-gnome-8.4p1-3.6.1.x86_64",
"product": {
"name": "openssh-askpass-gnome-8.4p1-3.6.1.x86_64",
"product_id": "openssh-askpass-gnome-8.4p1-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-cavs-8.4p1-3.6.1.x86_64",
"product": {
"name": "openssh-cavs-8.4p1-3.6.1.x86_64",
"product_id": "openssh-cavs-8.4p1-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-clients-8.4p1-3.6.1.x86_64",
"product": {
"name": "openssh-clients-8.4p1-3.6.1.x86_64",
"product_id": "openssh-clients-8.4p1-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-common-8.4p1-3.6.1.x86_64",
"product": {
"name": "openssh-common-8.4p1-3.6.1.x86_64",
"product_id": "openssh-common-8.4p1-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-fips-8.4p1-3.6.1.x86_64",
"product": {
"name": "openssh-fips-8.4p1-3.6.1.x86_64",
"product_id": "openssh-fips-8.4p1-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-helpers-8.4p1-3.6.1.x86_64",
"product": {
"name": "openssh-helpers-8.4p1-3.6.1.x86_64",
"product_id": "openssh-helpers-8.4p1-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-server-8.4p1-3.6.1.x86_64",
"product": {
"name": "openssh-server-8.4p1-3.6.1.x86_64",
"product_id": "openssh-server-8.4p1-3.6.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.3",
"product": {
"name": "openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-8.4p1-3.6.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:openssh-8.4p1-3.6.1.aarch64"
},
"product_reference": "openssh-8.4p1-3.6.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-8.4p1-3.6.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:openssh-8.4p1-3.6.1.ppc64le"
},
"product_reference": "openssh-8.4p1-3.6.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-8.4p1-3.6.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:openssh-8.4p1-3.6.1.s390x"
},
"product_reference": "openssh-8.4p1-3.6.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-8.4p1-3.6.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:openssh-8.4p1-3.6.1.x86_64"
},
"product_reference": "openssh-8.4p1-3.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-8.4p1-3.6.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:openssh-askpass-gnome-8.4p1-3.6.1.aarch64"
},
"product_reference": "openssh-askpass-gnome-8.4p1-3.6.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-8.4p1-3.6.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:openssh-askpass-gnome-8.4p1-3.6.1.ppc64le"
},
"product_reference": "openssh-askpass-gnome-8.4p1-3.6.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-8.4p1-3.6.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:openssh-askpass-gnome-8.4p1-3.6.1.s390x"
},
"product_reference": "openssh-askpass-gnome-8.4p1-3.6.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-gnome-8.4p1-3.6.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:openssh-askpass-gnome-8.4p1-3.6.1.x86_64"
},
"product_reference": "openssh-askpass-gnome-8.4p1-3.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-8.4p1-3.6.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:openssh-cavs-8.4p1-3.6.1.aarch64"
},
"product_reference": "openssh-cavs-8.4p1-3.6.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-8.4p1-3.6.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:openssh-cavs-8.4p1-3.6.1.ppc64le"
},
"product_reference": "openssh-cavs-8.4p1-3.6.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-8.4p1-3.6.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:openssh-cavs-8.4p1-3.6.1.s390x"
},
"product_reference": "openssh-cavs-8.4p1-3.6.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-8.4p1-3.6.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:openssh-cavs-8.4p1-3.6.1.x86_64"
},
"product_reference": "openssh-cavs-8.4p1-3.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-8.4p1-3.6.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:openssh-clients-8.4p1-3.6.1.aarch64"
},
"product_reference": "openssh-clients-8.4p1-3.6.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-8.4p1-3.6.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:openssh-clients-8.4p1-3.6.1.ppc64le"
},
"product_reference": "openssh-clients-8.4p1-3.6.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-8.4p1-3.6.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:openssh-clients-8.4p1-3.6.1.s390x"
},
"product_reference": "openssh-clients-8.4p1-3.6.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-8.4p1-3.6.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:openssh-clients-8.4p1-3.6.1.x86_64"
},
"product_reference": "openssh-clients-8.4p1-3.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-common-8.4p1-3.6.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:openssh-common-8.4p1-3.6.1.aarch64"
},
"product_reference": "openssh-common-8.4p1-3.6.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-common-8.4p1-3.6.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:openssh-common-8.4p1-3.6.1.ppc64le"
},
"product_reference": "openssh-common-8.4p1-3.6.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-common-8.4p1-3.6.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:openssh-common-8.4p1-3.6.1.s390x"
},
"product_reference": "openssh-common-8.4p1-3.6.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-common-8.4p1-3.6.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:openssh-common-8.4p1-3.6.1.x86_64"
},
"product_reference": "openssh-common-8.4p1-3.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-8.4p1-3.6.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:openssh-fips-8.4p1-3.6.1.aarch64"
},
"product_reference": "openssh-fips-8.4p1-3.6.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-8.4p1-3.6.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:openssh-fips-8.4p1-3.6.1.ppc64le"
},
"product_reference": "openssh-fips-8.4p1-3.6.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-8.4p1-3.6.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:openssh-fips-8.4p1-3.6.1.s390x"
},
"product_reference": "openssh-fips-8.4p1-3.6.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-8.4p1-3.6.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:openssh-fips-8.4p1-3.6.1.x86_64"
},
"product_reference": "openssh-fips-8.4p1-3.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-8.4p1-3.6.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:openssh-helpers-8.4p1-3.6.1.aarch64"
},
"product_reference": "openssh-helpers-8.4p1-3.6.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-8.4p1-3.6.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:openssh-helpers-8.4p1-3.6.1.ppc64le"
},
"product_reference": "openssh-helpers-8.4p1-3.6.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-8.4p1-3.6.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:openssh-helpers-8.4p1-3.6.1.s390x"
},
"product_reference": "openssh-helpers-8.4p1-3.6.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-8.4p1-3.6.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:openssh-helpers-8.4p1-3.6.1.x86_64"
},
"product_reference": "openssh-helpers-8.4p1-3.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-8.4p1-3.6.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:openssh-server-8.4p1-3.6.1.aarch64"
},
"product_reference": "openssh-server-8.4p1-3.6.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-8.4p1-3.6.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:openssh-server-8.4p1-3.6.1.ppc64le"
},
"product_reference": "openssh-server-8.4p1-3.6.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-8.4p1-3.6.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:openssh-server-8.4p1-3.6.1.s390x"
},
"product_reference": "openssh-server-8.4p1-3.6.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-8.4p1-3.6.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:openssh-server-8.4p1-3.6.1.x86_64"
},
"product_reference": "openssh-server-8.4p1-3.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-41617",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-41617"
}
],
"notes": [
{
"category": "general",
"text": "sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.3:openssh-8.4p1-3.6.1.aarch64",
"openSUSE Leap 15.3:openssh-8.4p1-3.6.1.ppc64le",
"openSUSE Leap 15.3:openssh-8.4p1-3.6.1.s390x",
"openSUSE Leap 15.3:openssh-8.4p1-3.6.1.x86_64",
"openSUSE Leap 15.3:openssh-askpass-gnome-8.4p1-3.6.1.aarch64",
"openSUSE Leap 15.3:openssh-askpass-gnome-8.4p1-3.6.1.ppc64le",
"openSUSE Leap 15.3:openssh-askpass-gnome-8.4p1-3.6.1.s390x",
"openSUSE Leap 15.3:openssh-askpass-gnome-8.4p1-3.6.1.x86_64",
"openSUSE Leap 15.3:openssh-cavs-8.4p1-3.6.1.aarch64",
"openSUSE Leap 15.3:openssh-cavs-8.4p1-3.6.1.ppc64le",
"openSUSE Leap 15.3:openssh-cavs-8.4p1-3.6.1.s390x",
"openSUSE Leap 15.3:openssh-cavs-8.4p1-3.6.1.x86_64",
"openSUSE Leap 15.3:openssh-clients-8.4p1-3.6.1.aarch64",
"openSUSE Leap 15.3:openssh-clients-8.4p1-3.6.1.ppc64le",
"openSUSE Leap 15.3:openssh-clients-8.4p1-3.6.1.s390x",
"openSUSE Leap 15.3:openssh-clients-8.4p1-3.6.1.x86_64",
"openSUSE Leap 15.3:openssh-common-8.4p1-3.6.1.aarch64",
"openSUSE Leap 15.3:openssh-common-8.4p1-3.6.1.ppc64le",
"openSUSE Leap 15.3:openssh-common-8.4p1-3.6.1.s390x",
"openSUSE Leap 15.3:openssh-common-8.4p1-3.6.1.x86_64",
"openSUSE Leap 15.3:openssh-fips-8.4p1-3.6.1.aarch64",
"openSUSE Leap 15.3:openssh-fips-8.4p1-3.6.1.ppc64le",
"openSUSE Leap 15.3:openssh-fips-8.4p1-3.6.1.s390x",
"openSUSE Leap 15.3:openssh-fips-8.4p1-3.6.1.x86_64",
"openSUSE Leap 15.3:openssh-helpers-8.4p1-3.6.1.aarch64",
"openSUSE Leap 15.3:openssh-helpers-8.4p1-3.6.1.ppc64le",
"openSUSE Leap 15.3:openssh-helpers-8.4p1-3.6.1.s390x",
"openSUSE Leap 15.3:openssh-helpers-8.4p1-3.6.1.x86_64",
"openSUSE Leap 15.3:openssh-server-8.4p1-3.6.1.aarch64",
"openSUSE Leap 15.3:openssh-server-8.4p1-3.6.1.ppc64le",
"openSUSE Leap 15.3:openssh-server-8.4p1-3.6.1.s390x",
"openSUSE Leap 15.3:openssh-server-8.4p1-3.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-41617",
"url": "https://www.suse.com/security/cve/CVE-2021-41617"
},
{
"category": "external",
"summary": "SUSE Bug 1190975 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1190975"
},
{
"category": "external",
"summary": "SUSE Bug 1193497 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1193497"
},
{
"category": "external",
"summary": "SUSE Bug 1196721 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1196721"
},
{
"category": "external",
"summary": "SUSE Bug 1200782 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1200782"
},
{
"category": "external",
"summary": "SUSE Bug 1205056 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1205056"
},
{
"category": "external",
"summary": "SUSE Bug 1212247 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1212247"
},
{
"category": "external",
"summary": "SUSE Bug 1212281 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1212281"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.3:openssh-8.4p1-3.6.1.aarch64",
"openSUSE Leap 15.3:openssh-8.4p1-3.6.1.ppc64le",
"openSUSE Leap 15.3:openssh-8.4p1-3.6.1.s390x",
"openSUSE Leap 15.3:openssh-8.4p1-3.6.1.x86_64",
"openSUSE Leap 15.3:openssh-askpass-gnome-8.4p1-3.6.1.aarch64",
"openSUSE Leap 15.3:openssh-askpass-gnome-8.4p1-3.6.1.ppc64le",
"openSUSE Leap 15.3:openssh-askpass-gnome-8.4p1-3.6.1.s390x",
"openSUSE Leap 15.3:openssh-askpass-gnome-8.4p1-3.6.1.x86_64",
"openSUSE Leap 15.3:openssh-cavs-8.4p1-3.6.1.aarch64",
"openSUSE Leap 15.3:openssh-cavs-8.4p1-3.6.1.ppc64le",
"openSUSE Leap 15.3:openssh-cavs-8.4p1-3.6.1.s390x",
"openSUSE Leap 15.3:openssh-cavs-8.4p1-3.6.1.x86_64",
"openSUSE Leap 15.3:openssh-clients-8.4p1-3.6.1.aarch64",
"openSUSE Leap 15.3:openssh-clients-8.4p1-3.6.1.ppc64le",
"openSUSE Leap 15.3:openssh-clients-8.4p1-3.6.1.s390x",
"openSUSE Leap 15.3:openssh-clients-8.4p1-3.6.1.x86_64",
"openSUSE Leap 15.3:openssh-common-8.4p1-3.6.1.aarch64",
"openSUSE Leap 15.3:openssh-common-8.4p1-3.6.1.ppc64le",
"openSUSE Leap 15.3:openssh-common-8.4p1-3.6.1.s390x",
"openSUSE Leap 15.3:openssh-common-8.4p1-3.6.1.x86_64",
"openSUSE Leap 15.3:openssh-fips-8.4p1-3.6.1.aarch64",
"openSUSE Leap 15.3:openssh-fips-8.4p1-3.6.1.ppc64le",
"openSUSE Leap 15.3:openssh-fips-8.4p1-3.6.1.s390x",
"openSUSE Leap 15.3:openssh-fips-8.4p1-3.6.1.x86_64",
"openSUSE Leap 15.3:openssh-helpers-8.4p1-3.6.1.aarch64",
"openSUSE Leap 15.3:openssh-helpers-8.4p1-3.6.1.ppc64le",
"openSUSE Leap 15.3:openssh-helpers-8.4p1-3.6.1.s390x",
"openSUSE Leap 15.3:openssh-helpers-8.4p1-3.6.1.x86_64",
"openSUSE Leap 15.3:openssh-server-8.4p1-3.6.1.aarch64",
"openSUSE Leap 15.3:openssh-server-8.4p1-3.6.1.ppc64le",
"openSUSE Leap 15.3:openssh-server-8.4p1-3.6.1.s390x",
"openSUSE Leap 15.3:openssh-server-8.4p1-3.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.3:openssh-8.4p1-3.6.1.aarch64",
"openSUSE Leap 15.3:openssh-8.4p1-3.6.1.ppc64le",
"openSUSE Leap 15.3:openssh-8.4p1-3.6.1.s390x",
"openSUSE Leap 15.3:openssh-8.4p1-3.6.1.x86_64",
"openSUSE Leap 15.3:openssh-askpass-gnome-8.4p1-3.6.1.aarch64",
"openSUSE Leap 15.3:openssh-askpass-gnome-8.4p1-3.6.1.ppc64le",
"openSUSE Leap 15.3:openssh-askpass-gnome-8.4p1-3.6.1.s390x",
"openSUSE Leap 15.3:openssh-askpass-gnome-8.4p1-3.6.1.x86_64",
"openSUSE Leap 15.3:openssh-cavs-8.4p1-3.6.1.aarch64",
"openSUSE Leap 15.3:openssh-cavs-8.4p1-3.6.1.ppc64le",
"openSUSE Leap 15.3:openssh-cavs-8.4p1-3.6.1.s390x",
"openSUSE Leap 15.3:openssh-cavs-8.4p1-3.6.1.x86_64",
"openSUSE Leap 15.3:openssh-clients-8.4p1-3.6.1.aarch64",
"openSUSE Leap 15.3:openssh-clients-8.4p1-3.6.1.ppc64le",
"openSUSE Leap 15.3:openssh-clients-8.4p1-3.6.1.s390x",
"openSUSE Leap 15.3:openssh-clients-8.4p1-3.6.1.x86_64",
"openSUSE Leap 15.3:openssh-common-8.4p1-3.6.1.aarch64",
"openSUSE Leap 15.3:openssh-common-8.4p1-3.6.1.ppc64le",
"openSUSE Leap 15.3:openssh-common-8.4p1-3.6.1.s390x",
"openSUSE Leap 15.3:openssh-common-8.4p1-3.6.1.x86_64",
"openSUSE Leap 15.3:openssh-fips-8.4p1-3.6.1.aarch64",
"openSUSE Leap 15.3:openssh-fips-8.4p1-3.6.1.ppc64le",
"openSUSE Leap 15.3:openssh-fips-8.4p1-3.6.1.s390x",
"openSUSE Leap 15.3:openssh-fips-8.4p1-3.6.1.x86_64",
"openSUSE Leap 15.3:openssh-helpers-8.4p1-3.6.1.aarch64",
"openSUSE Leap 15.3:openssh-helpers-8.4p1-3.6.1.ppc64le",
"openSUSE Leap 15.3:openssh-helpers-8.4p1-3.6.1.s390x",
"openSUSE Leap 15.3:openssh-helpers-8.4p1-3.6.1.x86_64",
"openSUSE Leap 15.3:openssh-server-8.4p1-3.6.1.aarch64",
"openSUSE Leap 15.3:openssh-server-8.4p1-3.6.1.ppc64le",
"openSUSE Leap 15.3:openssh-server-8.4p1-3.6.1.s390x",
"openSUSE Leap 15.3:openssh-server-8.4p1-3.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-12-06T13:59:54Z",
"details": "important"
}
],
"title": "CVE-2021-41617"
}
]
}
OPENSUSE-SU-2024:13842-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
openssh-9.6p1-3.1 on GA media
Notes
Title of the patch
openssh-9.6p1-3.1 on GA media
Description of the patch
These are all security issues fixed in the openssh-9.6p1-3.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-13842
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "openssh-9.6p1-3.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the openssh-9.6p1-3.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-13842",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_13842-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-28041 page",
"url": "https://www.suse.com/security/cve/CVE-2021-28041/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-41617 page",
"url": "https://www.suse.com/security/cve/CVE-2021-41617/"
}
],
"title": "openssh-9.6p1-3.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:13842-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "openssh-9.6p1-3.1.aarch64",
"product": {
"name": "openssh-9.6p1-3.1.aarch64",
"product_id": "openssh-9.6p1-3.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-cavs-9.6p1-3.1.aarch64",
"product": {
"name": "openssh-cavs-9.6p1-3.1.aarch64",
"product_id": "openssh-cavs-9.6p1-3.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-clients-9.6p1-3.1.aarch64",
"product": {
"name": "openssh-clients-9.6p1-3.1.aarch64",
"product_id": "openssh-clients-9.6p1-3.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-common-9.6p1-3.1.aarch64",
"product": {
"name": "openssh-common-9.6p1-3.1.aarch64",
"product_id": "openssh-common-9.6p1-3.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-fips-9.6p1-3.1.aarch64",
"product": {
"name": "openssh-fips-9.6p1-3.1.aarch64",
"product_id": "openssh-fips-9.6p1-3.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-helpers-9.6p1-3.1.aarch64",
"product": {
"name": "openssh-helpers-9.6p1-3.1.aarch64",
"product_id": "openssh-helpers-9.6p1-3.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-server-9.6p1-3.1.aarch64",
"product": {
"name": "openssh-server-9.6p1-3.1.aarch64",
"product_id": "openssh-server-9.6p1-3.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssh-server-config-rootlogin-9.6p1-3.1.aarch64",
"product": {
"name": "openssh-server-config-rootlogin-9.6p1-3.1.aarch64",
"product_id": "openssh-server-config-rootlogin-9.6p1-3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-9.6p1-3.1.ppc64le",
"product": {
"name": "openssh-9.6p1-3.1.ppc64le",
"product_id": "openssh-9.6p1-3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-cavs-9.6p1-3.1.ppc64le",
"product": {
"name": "openssh-cavs-9.6p1-3.1.ppc64le",
"product_id": "openssh-cavs-9.6p1-3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-clients-9.6p1-3.1.ppc64le",
"product": {
"name": "openssh-clients-9.6p1-3.1.ppc64le",
"product_id": "openssh-clients-9.6p1-3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-common-9.6p1-3.1.ppc64le",
"product": {
"name": "openssh-common-9.6p1-3.1.ppc64le",
"product_id": "openssh-common-9.6p1-3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-fips-9.6p1-3.1.ppc64le",
"product": {
"name": "openssh-fips-9.6p1-3.1.ppc64le",
"product_id": "openssh-fips-9.6p1-3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-helpers-9.6p1-3.1.ppc64le",
"product": {
"name": "openssh-helpers-9.6p1-3.1.ppc64le",
"product_id": "openssh-helpers-9.6p1-3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-server-9.6p1-3.1.ppc64le",
"product": {
"name": "openssh-server-9.6p1-3.1.ppc64le",
"product_id": "openssh-server-9.6p1-3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssh-server-config-rootlogin-9.6p1-3.1.ppc64le",
"product": {
"name": "openssh-server-config-rootlogin-9.6p1-3.1.ppc64le",
"product_id": "openssh-server-config-rootlogin-9.6p1-3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-9.6p1-3.1.s390x",
"product": {
"name": "openssh-9.6p1-3.1.s390x",
"product_id": "openssh-9.6p1-3.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-cavs-9.6p1-3.1.s390x",
"product": {
"name": "openssh-cavs-9.6p1-3.1.s390x",
"product_id": "openssh-cavs-9.6p1-3.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-clients-9.6p1-3.1.s390x",
"product": {
"name": "openssh-clients-9.6p1-3.1.s390x",
"product_id": "openssh-clients-9.6p1-3.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-common-9.6p1-3.1.s390x",
"product": {
"name": "openssh-common-9.6p1-3.1.s390x",
"product_id": "openssh-common-9.6p1-3.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-fips-9.6p1-3.1.s390x",
"product": {
"name": "openssh-fips-9.6p1-3.1.s390x",
"product_id": "openssh-fips-9.6p1-3.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-helpers-9.6p1-3.1.s390x",
"product": {
"name": "openssh-helpers-9.6p1-3.1.s390x",
"product_id": "openssh-helpers-9.6p1-3.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-server-9.6p1-3.1.s390x",
"product": {
"name": "openssh-server-9.6p1-3.1.s390x",
"product_id": "openssh-server-9.6p1-3.1.s390x"
}
},
{
"category": "product_version",
"name": "openssh-server-config-rootlogin-9.6p1-3.1.s390x",
"product": {
"name": "openssh-server-config-rootlogin-9.6p1-3.1.s390x",
"product_id": "openssh-server-config-rootlogin-9.6p1-3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-9.6p1-3.1.x86_64",
"product": {
"name": "openssh-9.6p1-3.1.x86_64",
"product_id": "openssh-9.6p1-3.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-cavs-9.6p1-3.1.x86_64",
"product": {
"name": "openssh-cavs-9.6p1-3.1.x86_64",
"product_id": "openssh-cavs-9.6p1-3.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-clients-9.6p1-3.1.x86_64",
"product": {
"name": "openssh-clients-9.6p1-3.1.x86_64",
"product_id": "openssh-clients-9.6p1-3.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-common-9.6p1-3.1.x86_64",
"product": {
"name": "openssh-common-9.6p1-3.1.x86_64",
"product_id": "openssh-common-9.6p1-3.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-fips-9.6p1-3.1.x86_64",
"product": {
"name": "openssh-fips-9.6p1-3.1.x86_64",
"product_id": "openssh-fips-9.6p1-3.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-helpers-9.6p1-3.1.x86_64",
"product": {
"name": "openssh-helpers-9.6p1-3.1.x86_64",
"product_id": "openssh-helpers-9.6p1-3.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-server-9.6p1-3.1.x86_64",
"product": {
"name": "openssh-server-9.6p1-3.1.x86_64",
"product_id": "openssh-server-9.6p1-3.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssh-server-config-rootlogin-9.6p1-3.1.x86_64",
"product": {
"name": "openssh-server-config-rootlogin-9.6p1-3.1.x86_64",
"product_id": "openssh-server-config-rootlogin-9.6p1-3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-9.6p1-3.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-9.6p1-3.1.aarch64"
},
"product_reference": "openssh-9.6p1-3.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-9.6p1-3.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-9.6p1-3.1.ppc64le"
},
"product_reference": "openssh-9.6p1-3.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-9.6p1-3.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-9.6p1-3.1.s390x"
},
"product_reference": "openssh-9.6p1-3.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-9.6p1-3.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-9.6p1-3.1.x86_64"
},
"product_reference": "openssh-9.6p1-3.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-9.6p1-3.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-cavs-9.6p1-3.1.aarch64"
},
"product_reference": "openssh-cavs-9.6p1-3.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-9.6p1-3.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-cavs-9.6p1-3.1.ppc64le"
},
"product_reference": "openssh-cavs-9.6p1-3.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-9.6p1-3.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-cavs-9.6p1-3.1.s390x"
},
"product_reference": "openssh-cavs-9.6p1-3.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-9.6p1-3.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-cavs-9.6p1-3.1.x86_64"
},
"product_reference": "openssh-cavs-9.6p1-3.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-9.6p1-3.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-clients-9.6p1-3.1.aarch64"
},
"product_reference": "openssh-clients-9.6p1-3.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-9.6p1-3.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-clients-9.6p1-3.1.ppc64le"
},
"product_reference": "openssh-clients-9.6p1-3.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-9.6p1-3.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-clients-9.6p1-3.1.s390x"
},
"product_reference": "openssh-clients-9.6p1-3.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-9.6p1-3.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-clients-9.6p1-3.1.x86_64"
},
"product_reference": "openssh-clients-9.6p1-3.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-common-9.6p1-3.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-common-9.6p1-3.1.aarch64"
},
"product_reference": "openssh-common-9.6p1-3.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-common-9.6p1-3.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-common-9.6p1-3.1.ppc64le"
},
"product_reference": "openssh-common-9.6p1-3.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-common-9.6p1-3.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-common-9.6p1-3.1.s390x"
},
"product_reference": "openssh-common-9.6p1-3.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-common-9.6p1-3.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-common-9.6p1-3.1.x86_64"
},
"product_reference": "openssh-common-9.6p1-3.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-9.6p1-3.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-fips-9.6p1-3.1.aarch64"
},
"product_reference": "openssh-fips-9.6p1-3.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-9.6p1-3.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-fips-9.6p1-3.1.ppc64le"
},
"product_reference": "openssh-fips-9.6p1-3.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-9.6p1-3.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-fips-9.6p1-3.1.s390x"
},
"product_reference": "openssh-fips-9.6p1-3.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-fips-9.6p1-3.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-fips-9.6p1-3.1.x86_64"
},
"product_reference": "openssh-fips-9.6p1-3.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-9.6p1-3.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-helpers-9.6p1-3.1.aarch64"
},
"product_reference": "openssh-helpers-9.6p1-3.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-9.6p1-3.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-helpers-9.6p1-3.1.ppc64le"
},
"product_reference": "openssh-helpers-9.6p1-3.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-9.6p1-3.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-helpers-9.6p1-3.1.s390x"
},
"product_reference": "openssh-helpers-9.6p1-3.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-helpers-9.6p1-3.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-helpers-9.6p1-3.1.x86_64"
},
"product_reference": "openssh-helpers-9.6p1-3.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-9.6p1-3.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-server-9.6p1-3.1.aarch64"
},
"product_reference": "openssh-server-9.6p1-3.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-9.6p1-3.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-server-9.6p1-3.1.ppc64le"
},
"product_reference": "openssh-server-9.6p1-3.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-9.6p1-3.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-server-9.6p1-3.1.s390x"
},
"product_reference": "openssh-server-9.6p1-3.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-9.6p1-3.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-server-9.6p1-3.1.x86_64"
},
"product_reference": "openssh-server-9.6p1-3.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-config-rootlogin-9.6p1-3.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-server-config-rootlogin-9.6p1-3.1.aarch64"
},
"product_reference": "openssh-server-config-rootlogin-9.6p1-3.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-config-rootlogin-9.6p1-3.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-server-config-rootlogin-9.6p1-3.1.ppc64le"
},
"product_reference": "openssh-server-config-rootlogin-9.6p1-3.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-config-rootlogin-9.6p1-3.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-server-config-rootlogin-9.6p1-3.1.s390x"
},
"product_reference": "openssh-server-config-rootlogin-9.6p1-3.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-config-rootlogin-9.6p1-3.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openssh-server-config-rootlogin-9.6p1-3.1.x86_64"
},
"product_reference": "openssh-server-config-rootlogin-9.6p1-3.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-28041",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-28041"
}
],
"notes": [
{
"category": "general",
"text": "ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of an agent to an attacker-controlled host.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:openssh-9.6p1-3.1.aarch64",
"openSUSE Tumbleweed:openssh-9.6p1-3.1.ppc64le",
"openSUSE Tumbleweed:openssh-9.6p1-3.1.s390x",
"openSUSE Tumbleweed:openssh-9.6p1-3.1.x86_64",
"openSUSE Tumbleweed:openssh-cavs-9.6p1-3.1.aarch64",
"openSUSE Tumbleweed:openssh-cavs-9.6p1-3.1.ppc64le",
"openSUSE Tumbleweed:openssh-cavs-9.6p1-3.1.s390x",
"openSUSE Tumbleweed:openssh-cavs-9.6p1-3.1.x86_64",
"openSUSE Tumbleweed:openssh-clients-9.6p1-3.1.aarch64",
"openSUSE Tumbleweed:openssh-clients-9.6p1-3.1.ppc64le",
"openSUSE Tumbleweed:openssh-clients-9.6p1-3.1.s390x",
"openSUSE Tumbleweed:openssh-clients-9.6p1-3.1.x86_64",
"openSUSE Tumbleweed:openssh-common-9.6p1-3.1.aarch64",
"openSUSE Tumbleweed:openssh-common-9.6p1-3.1.ppc64le",
"openSUSE Tumbleweed:openssh-common-9.6p1-3.1.s390x",
"openSUSE Tumbleweed:openssh-common-9.6p1-3.1.x86_64",
"openSUSE Tumbleweed:openssh-fips-9.6p1-3.1.aarch64",
"openSUSE Tumbleweed:openssh-fips-9.6p1-3.1.ppc64le",
"openSUSE Tumbleweed:openssh-fips-9.6p1-3.1.s390x",
"openSUSE Tumbleweed:openssh-fips-9.6p1-3.1.x86_64",
"openSUSE Tumbleweed:openssh-helpers-9.6p1-3.1.aarch64",
"openSUSE Tumbleweed:openssh-helpers-9.6p1-3.1.ppc64le",
"openSUSE Tumbleweed:openssh-helpers-9.6p1-3.1.s390x",
"openSUSE Tumbleweed:openssh-helpers-9.6p1-3.1.x86_64",
"openSUSE Tumbleweed:openssh-server-9.6p1-3.1.aarch64",
"openSUSE Tumbleweed:openssh-server-9.6p1-3.1.ppc64le",
"openSUSE Tumbleweed:openssh-server-9.6p1-3.1.s390x",
"openSUSE Tumbleweed:openssh-server-9.6p1-3.1.x86_64",
"openSUSE Tumbleweed:openssh-server-config-rootlogin-9.6p1-3.1.aarch64",
"openSUSE Tumbleweed:openssh-server-config-rootlogin-9.6p1-3.1.ppc64le",
"openSUSE Tumbleweed:openssh-server-config-rootlogin-9.6p1-3.1.s390x",
"openSUSE Tumbleweed:openssh-server-config-rootlogin-9.6p1-3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-28041",
"url": "https://www.suse.com/security/cve/CVE-2021-28041"
},
{
"category": "external",
"summary": "SUSE Bug 1183137 for CVE-2021-28041",
"url": "https://bugzilla.suse.com/1183137"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:openssh-9.6p1-3.1.aarch64",
"openSUSE Tumbleweed:openssh-9.6p1-3.1.ppc64le",
"openSUSE Tumbleweed:openssh-9.6p1-3.1.s390x",
"openSUSE Tumbleweed:openssh-9.6p1-3.1.x86_64",
"openSUSE Tumbleweed:openssh-cavs-9.6p1-3.1.aarch64",
"openSUSE Tumbleweed:openssh-cavs-9.6p1-3.1.ppc64le",
"openSUSE Tumbleweed:openssh-cavs-9.6p1-3.1.s390x",
"openSUSE Tumbleweed:openssh-cavs-9.6p1-3.1.x86_64",
"openSUSE Tumbleweed:openssh-clients-9.6p1-3.1.aarch64",
"openSUSE Tumbleweed:openssh-clients-9.6p1-3.1.ppc64le",
"openSUSE Tumbleweed:openssh-clients-9.6p1-3.1.s390x",
"openSUSE Tumbleweed:openssh-clients-9.6p1-3.1.x86_64",
"openSUSE Tumbleweed:openssh-common-9.6p1-3.1.aarch64",
"openSUSE Tumbleweed:openssh-common-9.6p1-3.1.ppc64le",
"openSUSE Tumbleweed:openssh-common-9.6p1-3.1.s390x",
"openSUSE Tumbleweed:openssh-common-9.6p1-3.1.x86_64",
"openSUSE Tumbleweed:openssh-fips-9.6p1-3.1.aarch64",
"openSUSE Tumbleweed:openssh-fips-9.6p1-3.1.ppc64le",
"openSUSE Tumbleweed:openssh-fips-9.6p1-3.1.s390x",
"openSUSE Tumbleweed:openssh-fips-9.6p1-3.1.x86_64",
"openSUSE Tumbleweed:openssh-helpers-9.6p1-3.1.aarch64",
"openSUSE Tumbleweed:openssh-helpers-9.6p1-3.1.ppc64le",
"openSUSE Tumbleweed:openssh-helpers-9.6p1-3.1.s390x",
"openSUSE Tumbleweed:openssh-helpers-9.6p1-3.1.x86_64",
"openSUSE Tumbleweed:openssh-server-9.6p1-3.1.aarch64",
"openSUSE Tumbleweed:openssh-server-9.6p1-3.1.ppc64le",
"openSUSE Tumbleweed:openssh-server-9.6p1-3.1.s390x",
"openSUSE Tumbleweed:openssh-server-9.6p1-3.1.x86_64",
"openSUSE Tumbleweed:openssh-server-config-rootlogin-9.6p1-3.1.aarch64",
"openSUSE Tumbleweed:openssh-server-config-rootlogin-9.6p1-3.1.ppc64le",
"openSUSE Tumbleweed:openssh-server-config-rootlogin-9.6p1-3.1.s390x",
"openSUSE Tumbleweed:openssh-server-config-rootlogin-9.6p1-3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:openssh-9.6p1-3.1.aarch64",
"openSUSE Tumbleweed:openssh-9.6p1-3.1.ppc64le",
"openSUSE Tumbleweed:openssh-9.6p1-3.1.s390x",
"openSUSE Tumbleweed:openssh-9.6p1-3.1.x86_64",
"openSUSE Tumbleweed:openssh-cavs-9.6p1-3.1.aarch64",
"openSUSE Tumbleweed:openssh-cavs-9.6p1-3.1.ppc64le",
"openSUSE Tumbleweed:openssh-cavs-9.6p1-3.1.s390x",
"openSUSE Tumbleweed:openssh-cavs-9.6p1-3.1.x86_64",
"openSUSE Tumbleweed:openssh-clients-9.6p1-3.1.aarch64",
"openSUSE Tumbleweed:openssh-clients-9.6p1-3.1.ppc64le",
"openSUSE Tumbleweed:openssh-clients-9.6p1-3.1.s390x",
"openSUSE Tumbleweed:openssh-clients-9.6p1-3.1.x86_64",
"openSUSE Tumbleweed:openssh-common-9.6p1-3.1.aarch64",
"openSUSE Tumbleweed:openssh-common-9.6p1-3.1.ppc64le",
"openSUSE Tumbleweed:openssh-common-9.6p1-3.1.s390x",
"openSUSE Tumbleweed:openssh-common-9.6p1-3.1.x86_64",
"openSUSE Tumbleweed:openssh-fips-9.6p1-3.1.aarch64",
"openSUSE Tumbleweed:openssh-fips-9.6p1-3.1.ppc64le",
"openSUSE Tumbleweed:openssh-fips-9.6p1-3.1.s390x",
"openSUSE Tumbleweed:openssh-fips-9.6p1-3.1.x86_64",
"openSUSE Tumbleweed:openssh-helpers-9.6p1-3.1.aarch64",
"openSUSE Tumbleweed:openssh-helpers-9.6p1-3.1.ppc64le",
"openSUSE Tumbleweed:openssh-helpers-9.6p1-3.1.s390x",
"openSUSE Tumbleweed:openssh-helpers-9.6p1-3.1.x86_64",
"openSUSE Tumbleweed:openssh-server-9.6p1-3.1.aarch64",
"openSUSE Tumbleweed:openssh-server-9.6p1-3.1.ppc64le",
"openSUSE Tumbleweed:openssh-server-9.6p1-3.1.s390x",
"openSUSE Tumbleweed:openssh-server-9.6p1-3.1.x86_64",
"openSUSE Tumbleweed:openssh-server-config-rootlogin-9.6p1-3.1.aarch64",
"openSUSE Tumbleweed:openssh-server-config-rootlogin-9.6p1-3.1.ppc64le",
"openSUSE Tumbleweed:openssh-server-config-rootlogin-9.6p1-3.1.s390x",
"openSUSE Tumbleweed:openssh-server-config-rootlogin-9.6p1-3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2021-28041"
},
{
"cve": "CVE-2021-41617",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-41617"
}
],
"notes": [
{
"category": "general",
"text": "sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:openssh-9.6p1-3.1.aarch64",
"openSUSE Tumbleweed:openssh-9.6p1-3.1.ppc64le",
"openSUSE Tumbleweed:openssh-9.6p1-3.1.s390x",
"openSUSE Tumbleweed:openssh-9.6p1-3.1.x86_64",
"openSUSE Tumbleweed:openssh-cavs-9.6p1-3.1.aarch64",
"openSUSE Tumbleweed:openssh-cavs-9.6p1-3.1.ppc64le",
"openSUSE Tumbleweed:openssh-cavs-9.6p1-3.1.s390x",
"openSUSE Tumbleweed:openssh-cavs-9.6p1-3.1.x86_64",
"openSUSE Tumbleweed:openssh-clients-9.6p1-3.1.aarch64",
"openSUSE Tumbleweed:openssh-clients-9.6p1-3.1.ppc64le",
"openSUSE Tumbleweed:openssh-clients-9.6p1-3.1.s390x",
"openSUSE Tumbleweed:openssh-clients-9.6p1-3.1.x86_64",
"openSUSE Tumbleweed:openssh-common-9.6p1-3.1.aarch64",
"openSUSE Tumbleweed:openssh-common-9.6p1-3.1.ppc64le",
"openSUSE Tumbleweed:openssh-common-9.6p1-3.1.s390x",
"openSUSE Tumbleweed:openssh-common-9.6p1-3.1.x86_64",
"openSUSE Tumbleweed:openssh-fips-9.6p1-3.1.aarch64",
"openSUSE Tumbleweed:openssh-fips-9.6p1-3.1.ppc64le",
"openSUSE Tumbleweed:openssh-fips-9.6p1-3.1.s390x",
"openSUSE Tumbleweed:openssh-fips-9.6p1-3.1.x86_64",
"openSUSE Tumbleweed:openssh-helpers-9.6p1-3.1.aarch64",
"openSUSE Tumbleweed:openssh-helpers-9.6p1-3.1.ppc64le",
"openSUSE Tumbleweed:openssh-helpers-9.6p1-3.1.s390x",
"openSUSE Tumbleweed:openssh-helpers-9.6p1-3.1.x86_64",
"openSUSE Tumbleweed:openssh-server-9.6p1-3.1.aarch64",
"openSUSE Tumbleweed:openssh-server-9.6p1-3.1.ppc64le",
"openSUSE Tumbleweed:openssh-server-9.6p1-3.1.s390x",
"openSUSE Tumbleweed:openssh-server-9.6p1-3.1.x86_64",
"openSUSE Tumbleweed:openssh-server-config-rootlogin-9.6p1-3.1.aarch64",
"openSUSE Tumbleweed:openssh-server-config-rootlogin-9.6p1-3.1.ppc64le",
"openSUSE Tumbleweed:openssh-server-config-rootlogin-9.6p1-3.1.s390x",
"openSUSE Tumbleweed:openssh-server-config-rootlogin-9.6p1-3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-41617",
"url": "https://www.suse.com/security/cve/CVE-2021-41617"
},
{
"category": "external",
"summary": "SUSE Bug 1190975 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1190975"
},
{
"category": "external",
"summary": "SUSE Bug 1193497 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1193497"
},
{
"category": "external",
"summary": "SUSE Bug 1196721 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1196721"
},
{
"category": "external",
"summary": "SUSE Bug 1200782 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1200782"
},
{
"category": "external",
"summary": "SUSE Bug 1205056 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1205056"
},
{
"category": "external",
"summary": "SUSE Bug 1212247 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1212247"
},
{
"category": "external",
"summary": "SUSE Bug 1212281 for CVE-2021-41617",
"url": "https://bugzilla.suse.com/1212281"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:openssh-9.6p1-3.1.aarch64",
"openSUSE Tumbleweed:openssh-9.6p1-3.1.ppc64le",
"openSUSE Tumbleweed:openssh-9.6p1-3.1.s390x",
"openSUSE Tumbleweed:openssh-9.6p1-3.1.x86_64",
"openSUSE Tumbleweed:openssh-cavs-9.6p1-3.1.aarch64",
"openSUSE Tumbleweed:openssh-cavs-9.6p1-3.1.ppc64le",
"openSUSE Tumbleweed:openssh-cavs-9.6p1-3.1.s390x",
"openSUSE Tumbleweed:openssh-cavs-9.6p1-3.1.x86_64",
"openSUSE Tumbleweed:openssh-clients-9.6p1-3.1.aarch64",
"openSUSE Tumbleweed:openssh-clients-9.6p1-3.1.ppc64le",
"openSUSE Tumbleweed:openssh-clients-9.6p1-3.1.s390x",
"openSUSE Tumbleweed:openssh-clients-9.6p1-3.1.x86_64",
"openSUSE Tumbleweed:openssh-common-9.6p1-3.1.aarch64",
"openSUSE Tumbleweed:openssh-common-9.6p1-3.1.ppc64le",
"openSUSE Tumbleweed:openssh-common-9.6p1-3.1.s390x",
"openSUSE Tumbleweed:openssh-common-9.6p1-3.1.x86_64",
"openSUSE Tumbleweed:openssh-fips-9.6p1-3.1.aarch64",
"openSUSE Tumbleweed:openssh-fips-9.6p1-3.1.ppc64le",
"openSUSE Tumbleweed:openssh-fips-9.6p1-3.1.s390x",
"openSUSE Tumbleweed:openssh-fips-9.6p1-3.1.x86_64",
"openSUSE Tumbleweed:openssh-helpers-9.6p1-3.1.aarch64",
"openSUSE Tumbleweed:openssh-helpers-9.6p1-3.1.ppc64le",
"openSUSE Tumbleweed:openssh-helpers-9.6p1-3.1.s390x",
"openSUSE Tumbleweed:openssh-helpers-9.6p1-3.1.x86_64",
"openSUSE Tumbleweed:openssh-server-9.6p1-3.1.aarch64",
"openSUSE Tumbleweed:openssh-server-9.6p1-3.1.ppc64le",
"openSUSE Tumbleweed:openssh-server-9.6p1-3.1.s390x",
"openSUSE Tumbleweed:openssh-server-9.6p1-3.1.x86_64",
"openSUSE Tumbleweed:openssh-server-config-rootlogin-9.6p1-3.1.aarch64",
"openSUSE Tumbleweed:openssh-server-config-rootlogin-9.6p1-3.1.ppc64le",
"openSUSE Tumbleweed:openssh-server-config-rootlogin-9.6p1-3.1.s390x",
"openSUSE Tumbleweed:openssh-server-config-rootlogin-9.6p1-3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:openssh-9.6p1-3.1.aarch64",
"openSUSE Tumbleweed:openssh-9.6p1-3.1.ppc64le",
"openSUSE Tumbleweed:openssh-9.6p1-3.1.s390x",
"openSUSE Tumbleweed:openssh-9.6p1-3.1.x86_64",
"openSUSE Tumbleweed:openssh-cavs-9.6p1-3.1.aarch64",
"openSUSE Tumbleweed:openssh-cavs-9.6p1-3.1.ppc64le",
"openSUSE Tumbleweed:openssh-cavs-9.6p1-3.1.s390x",
"openSUSE Tumbleweed:openssh-cavs-9.6p1-3.1.x86_64",
"openSUSE Tumbleweed:openssh-clients-9.6p1-3.1.aarch64",
"openSUSE Tumbleweed:openssh-clients-9.6p1-3.1.ppc64le",
"openSUSE Tumbleweed:openssh-clients-9.6p1-3.1.s390x",
"openSUSE Tumbleweed:openssh-clients-9.6p1-3.1.x86_64",
"openSUSE Tumbleweed:openssh-common-9.6p1-3.1.aarch64",
"openSUSE Tumbleweed:openssh-common-9.6p1-3.1.ppc64le",
"openSUSE Tumbleweed:openssh-common-9.6p1-3.1.s390x",
"openSUSE Tumbleweed:openssh-common-9.6p1-3.1.x86_64",
"openSUSE Tumbleweed:openssh-fips-9.6p1-3.1.aarch64",
"openSUSE Tumbleweed:openssh-fips-9.6p1-3.1.ppc64le",
"openSUSE Tumbleweed:openssh-fips-9.6p1-3.1.s390x",
"openSUSE Tumbleweed:openssh-fips-9.6p1-3.1.x86_64",
"openSUSE Tumbleweed:openssh-helpers-9.6p1-3.1.aarch64",
"openSUSE Tumbleweed:openssh-helpers-9.6p1-3.1.ppc64le",
"openSUSE Tumbleweed:openssh-helpers-9.6p1-3.1.s390x",
"openSUSE Tumbleweed:openssh-helpers-9.6p1-3.1.x86_64",
"openSUSE Tumbleweed:openssh-server-9.6p1-3.1.aarch64",
"openSUSE Tumbleweed:openssh-server-9.6p1-3.1.ppc64le",
"openSUSE Tumbleweed:openssh-server-9.6p1-3.1.s390x",
"openSUSE Tumbleweed:openssh-server-9.6p1-3.1.x86_64",
"openSUSE Tumbleweed:openssh-server-config-rootlogin-9.6p1-3.1.aarch64",
"openSUSE Tumbleweed:openssh-server-config-rootlogin-9.6p1-3.1.ppc64le",
"openSUSE Tumbleweed:openssh-server-config-rootlogin-9.6p1-3.1.s390x",
"openSUSE Tumbleweed:openssh-server-config-rootlogin-9.6p1-3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2021-41617"
}
]
}
NCSC-2025-0187
Vulnerability from csaf_ncscnl - Published: 2025-06-10 13:11 - Updated: 2025-06-10 13:11Summary
Kwetsbaarheden verholpen in Siemens producten
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Siemens heeft kwetsbaarheden verholpen in diverse producten als RUGGEDCOM, SCALANCE, SIMATIC en Tecnomatix
Interpretaties
De kwetsbaarheden stellen een kwaadwillende mogelijk in staat aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:
- Denial-of-Service (DoS)
- Manipulatie van gegevens
- Omzeilen van een beveiligingsmaatregel
- Omzeilen van authenticatie
- (Remote) code execution (root/admin rechten)
- (Remote) code execution (Gebruikersrechten)
- Toegang tot systeemgegevens
- Toegang tot gevoelige gegevens
- Spoofing
De kwaadwillende heeft hiervoor toegang nodig tot de productieomgeving. Het is goed gebruik een dergelijke omgeving niet publiek toegankelijk te hebben.
Oplossingen
Siemens heeft beveiligingsupdates uitgebracht om de kwetsbaarheden te verhelpen. Voor de kwetsbaarheden waar nog geen updates voor zijn, heeft Siemens mitigerende maatregelen gepubliceerd om de risico's zoveel als mogelijk te beperken. Zie de bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-395
Use of NullPointerException Catch to Detect NULL Pointer Dereference
CWE-332
Insufficient Entropy in PRNG
CWE-940
Improper Verification of Source of a Communication Channel
CWE-466
Return of Pointer Value Outside of Expected Range
CWE-390
Detection of Error Condition Without Action
CWE-826
Premature Release of Resource During Expected Lifetime
CWE-222
Truncation of Security-relevant Information
CWE-310
CWE-310
CWE-273
Improper Check for Dropped Privileges
CWE-364
Signal Handler Race Condition
CWE-911
Improper Update of Reference Count
CWE-131
Incorrect Calculation of Buffer Size
CWE-304
Missing Critical Step in Authentication
CWE-684
Incorrect Provision of Specified Functionality
CWE-130
Improper Handling of Length Parameter Inconsistency
CWE-268
Privilege Chaining
CWE-366
Race Condition within a Thread
CWE-150
Improper Neutralization of Escape, Meta, or Control Sequences
CWE-201
Insertion of Sensitive Information Into Sent Data
CWE-407
Inefficient Algorithmic Complexity
CWE-371
CWE-371
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CWE-667
Improper Locking
CWE-311
Missing Encryption of Sensitive Data
CWE-703
Improper Check or Handling of Exceptional Conditions
CWE-908
Use of Uninitialized Resource
CWE-617
Reachable Assertion
CWE-129
Improper Validation of Array Index
CWE-124
Buffer Underwrite ('Buffer Underflow')
CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')
CWE-345
Insufficient Verification of Data Authenticity
CWE-354
Improper Validation of Integrity Check Value
CWE-325
Missing Cryptographic Step
CWE-190
Integer Overflow or Wraparound
CWE-290
Authentication Bypass by Spoofing
CWE-99
Improper Control of Resource Identifiers ('Resource Injection')
CWE-665
Improper Initialization
CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE-125
Out-of-bounds Read
CWE-404
Improper Resource Shutdown or Release
CWE-284
Improper Access Control
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-416
Use After Free
CWE-476
NULL Pointer Dereference
CWE-757
Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')
CWE-400
Uncontrolled Resource Consumption
CWE-770
Allocation of Resources Without Limits or Throttling
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE-611
Improper Restriction of XML External Entity Reference
CWE-787
Out-of-bounds Write
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE-122
Heap-based Buffer Overflow
CWE-121
Stack-based Buffer Overflow
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE-73
External Control of File Name or Path
CWE-20
Improper Input Validation
CWE-863
Incorrect Authorization
CWE-276
Incorrect Default Permissions
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Siemens heeft kwetsbaarheden verholpen in diverse producten als RUGGEDCOM, SCALANCE, SIMATIC en Tecnomatix",
"title": "Feiten"
},
{
"category": "description",
"text": "De kwetsbaarheden stellen een kwaadwillende mogelijk in staat aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n- Denial-of-Service (DoS)\n- Manipulatie van gegevens\n- Omzeilen van een beveiligingsmaatregel\n- Omzeilen van authenticatie\n- (Remote) code execution (root/admin rechten)\n- (Remote) code execution (Gebruikersrechten)\n- Toegang tot systeemgegevens\n- Toegang tot gevoelige gegevens\n- Spoofing\n\nDe kwaadwillende heeft hiervoor toegang nodig tot de productieomgeving. Het is goed gebruik een dergelijke omgeving niet publiek toegankelijk te hebben.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Siemens heeft beveiligingsupdates uitgebracht om de kwetsbaarheden te verhelpen. Voor de kwetsbaarheden waar nog geen updates voor zijn, heeft Siemens mitigerende maatregelen gepubliceerd om de risico\u0027s zoveel als mogelijk te beperken. Zie de bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Use of NullPointerException Catch to Detect NULL Pointer Dereference",
"title": "CWE-395"
},
{
"category": "general",
"text": "Insufficient Entropy in PRNG",
"title": "CWE-332"
},
{
"category": "general",
"text": "Improper Verification of Source of a Communication Channel",
"title": "CWE-940"
},
{
"category": "general",
"text": "Return of Pointer Value Outside of Expected Range",
"title": "CWE-466"
},
{
"category": "general",
"text": "Detection of Error Condition Without Action",
"title": "CWE-390"
},
{
"category": "general",
"text": "Premature Release of Resource During Expected Lifetime",
"title": "CWE-826"
},
{
"category": "general",
"text": "Truncation of Security-relevant Information",
"title": "CWE-222"
},
{
"category": "general",
"text": "CWE-310",
"title": "CWE-310"
},
{
"category": "general",
"text": "Improper Check for Dropped Privileges",
"title": "CWE-273"
},
{
"category": "general",
"text": "Signal Handler Race Condition",
"title": "CWE-364"
},
{
"category": "general",
"text": "Improper Update of Reference Count",
"title": "CWE-911"
},
{
"category": "general",
"text": "Incorrect Calculation of Buffer Size",
"title": "CWE-131"
},
{
"category": "general",
"text": "Missing Critical Step in Authentication",
"title": "CWE-304"
},
{
"category": "general",
"text": "Incorrect Provision of Specified Functionality",
"title": "CWE-684"
},
{
"category": "general",
"text": "Improper Handling of Length Parameter Inconsistency",
"title": "CWE-130"
},
{
"category": "general",
"text": "Privilege Chaining",
"title": "CWE-268"
},
{
"category": "general",
"text": "Race Condition within a Thread",
"title": "CWE-366"
},
{
"category": "general",
"text": "Improper Neutralization of Escape, Meta, or Control Sequences",
"title": "CWE-150"
},
{
"category": "general",
"text": "Insertion of Sensitive Information Into Sent Data",
"title": "CWE-201"
},
{
"category": "general",
"text": "Inefficient Algorithmic Complexity",
"title": "CWE-407"
},
{
"category": "general",
"text": "CWE-371",
"title": "CWE-371"
},
{
"category": "general",
"text": "Time-of-check Time-of-use (TOCTOU) Race Condition",
"title": "CWE-367"
},
{
"category": "general",
"text": "Improper Locking",
"title": "CWE-667"
},
{
"category": "general",
"text": "Missing Encryption of Sensitive Data",
"title": "CWE-311"
},
{
"category": "general",
"text": "Improper Check or Handling of Exceptional Conditions",
"title": "CWE-703"
},
{
"category": "general",
"text": "Use of Uninitialized Resource",
"title": "CWE-908"
},
{
"category": "general",
"text": "Reachable Assertion",
"title": "CWE-617"
},
{
"category": "general",
"text": "Improper Validation of Array Index",
"title": "CWE-129"
},
{
"category": "general",
"text": "Buffer Underwrite (\u0027Buffer Underflow\u0027)",
"title": "CWE-124"
},
{
"category": "general",
"text": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"title": "CWE-843"
},
{
"category": "general",
"text": "Insufficient Verification of Data Authenticity",
"title": "CWE-345"
},
{
"category": "general",
"text": "Improper Validation of Integrity Check Value",
"title": "CWE-354"
},
{
"category": "general",
"text": "Missing Cryptographic Step",
"title": "CWE-325"
},
{
"category": "general",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "general",
"text": "Authentication Bypass by Spoofing",
"title": "CWE-290"
},
{
"category": "general",
"text": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)",
"title": "CWE-99"
},
{
"category": "general",
"text": "Improper Initialization",
"title": "CWE-665"
},
{
"category": "general",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
},
{
"category": "general",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "general",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "general",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "general",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
},
{
"category": "general",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "general",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "general",
"text": "Selection of Less-Secure Algorithm During Negotiation (\u0027Algorithm Downgrade\u0027)",
"title": "CWE-757"
},
{
"category": "general",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "general",
"text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"title": "CWE-78"
},
{
"category": "general",
"text": "Improper Restriction of XML External Entity Reference",
"title": "CWE-611"
},
{
"category": "general",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "general",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "general",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "general",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
},
{
"category": "general",
"text": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"title": "CWE-120"
},
{
"category": "general",
"text": "External Control of File Name or Path",
"title": "CWE-73"
},
{
"category": "general",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "Incorrect Authorization",
"title": "CWE-863"
},
{
"category": "general",
"text": "Incorrect Default Permissions",
"title": "CWE-276"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference - ncscclear",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-082556.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-345750.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-486186.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-513708.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-633269.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-693776.pdf"
}
],
"title": "Kwetsbaarheden verholpen in Siemens producten",
"tracking": {
"current_release_date": "2025-06-10T13:11:56.672768Z",
"generator": {
"date": "2025-06-05T14:45:00Z",
"engine": {
"name": "V.A.",
"version": "1.1"
}
},
"id": "NCSC-2025-0187",
"initial_release_date": "2025-06-10T13:11:56.672768Z",
"revision_history": [
{
"date": "2025-06-10T13:11:56.672768Z",
"number": "1.0.0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/none",
"product": {
"name": "vers:unknown/none",
"product_id": "CSAFPID-1211853"
}
}
],
"category": "product_name",
"name": "SIMATIC S7-1500"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:siemens/3.1.0",
"product": {
"name": "vers:siemens/3.1.0",
"product_id": "CSAFPID-1195553"
}
}
],
"category": "product_name",
"name": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Firmware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/1.0",
"product": {
"name": "vers:unknown/1.0",
"product_id": "CSAFPID-1211202"
}
}
],
"category": "product_name",
"name": "Simatic S7-1500 Tm Mfp Firmware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:siemens/7.4.3",
"product": {
"name": "vers:siemens/7.4.3",
"product_id": "CSAFPID-2849543"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/none",
"product": {
"name": "vers:unknown/none",
"product_id": "CSAFPID-1756091"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM APE1808 Firmware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/none",
"product": {
"name": "vers:unknown/none",
"product_id": "CSAFPID-2619544"
}
}
],
"category": "product_name",
"name": "Ruggedcom Ape1808"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:siemens/3.0.0",
"product": {
"name": "vers:siemens/3.0.0",
"product_id": "CSAFPID-2082475"
}
}
],
"category": "product_name",
"name": "Scalance W700 Ieee 802.11Ax Firmware"
}
],
"category": "product_family",
"name": "Siemens"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003e=v3.1.0",
"product": {
"name": "vers:all/\u003e=v3.1.0",
"product_id": "CSAFPID-1266669"
}
}
],
"category": "product_name",
"name": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003e=v3.1.0",
"product": {
"name": "vers:all/\u003e=v3.1.0",
"product_id": "CSAFPID-1266670"
}
}
],
"category": "product_name",
"name": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003e=v3.1.0",
"product": {
"name": "vers:all/\u003e=v3.1.0",
"product_id": "CSAFPID-1266671"
}
}
],
"category": "product_name",
"name": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003e=v3.1.0",
"product": {
"name": "vers:all/\u003e=v3.1.0",
"product_id": "CSAFPID-1266672"
}
}
],
"category": "product_name",
"name": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "vers:all/*",
"product_id": "CSAFPID-2460438"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv1.3.0",
"product": {
"name": "vers:unknown/\u003cv1.3.0",
"product_id": "CSAFPID-1270701"
}
}
],
"category": "product_name",
"name": "SIMATIC S7-1500 TM MFP - BIOS"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003cv1.1",
"product": {
"name": "vers:unknown/\u003cv1.1",
"product_id": "CSAFPID-1270700"
}
}
],
"category": "product_name",
"name": "SIMATIC S7-1500 TM MFP -\u00a0GNU/Linux subsystem"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003e=v3.1.0",
"product": {
"name": "vers:all/\u003e=v3.1.0",
"product_id": "CSAFPID-1266673"
}
}
],
"category": "product_name",
"name": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "vers:all/*",
"product_id": "CSAFPID-1272525"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM APE1808"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-126262",
"product_identification_helper": {
"cpe": "cpe:2.3:a:siemens:ruggedcom_ape1808:*:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "ruggedcom_ape1808"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "vers:all/*",
"product_id": "CSAFPID-2905706"
}
}
],
"category": "product_name",
"name": "Energy Services"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv2404.0013",
"product": {
"name": "vers:all/\u003cv2404.0013",
"product_id": "CSAFPID-2905742"
}
}
],
"category": "product_name",
"name": "Tecnomatix Plant Simulation V2404"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905748"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905793"
}
}
],
"category": "product_name",
"name": "SCALANCE XC316-8 (6GK5324-8TS00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905749"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905794"
}
}
],
"category": "product_name",
"name": "SCALANCE XC324-4 (6GK5328-4TS00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905750"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905795"
}
}
],
"category": "product_name",
"name": "SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905751"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905796"
}
}
],
"category": "product_name",
"name": "SCALANCE XC332 (6GK5332-0GA00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905752"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905797"
}
}
],
"category": "product_name",
"name": "SCALANCE XC416-8 (6GK5424-8TR00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905753"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905798"
}
}
],
"category": "product_name",
"name": "SCALANCE XC424-4 (6GK5428-4TR00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905754"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905799"
}
}
],
"category": "product_name",
"name": "SCALANCE XC432 (6GK5432-0GR00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905755"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905800"
}
}
],
"category": "product_name",
"name": "SCALANCE XCH328 (6GK5328-4TS01-2EC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905756"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905801"
}
}
],
"category": "product_name",
"name": "SCALANCE XCM324 (6GK5324-8TS01-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905757"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905802"
}
}
],
"category": "product_name",
"name": "SCALANCE XCM328 (6GK5328-4TS01-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905758"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905803"
}
}
],
"category": "product_name",
"name": "SCALANCE XCM332 (6GK5332-0GA01-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905759"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905804"
}
}
],
"category": "product_name",
"name": "SCALANCE XR302-32 (6GK5334-5TS00-2AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905760"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905805"
}
}
],
"category": "product_name",
"name": "SCALANCE XR302-32 (6GK5334-5TS00-3AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905761"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905806"
}
}
],
"category": "product_name",
"name": "SCALANCE XR302-32 (6GK5334-5TS00-4AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905762"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905807"
}
}
],
"category": "product_name",
"name": "SCALANCE XR322-12 (6GK5334-3TS00-2AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905763"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905808"
}
}
],
"category": "product_name",
"name": "SCALANCE XR322-12 (6GK5334-3TS00-3AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905764"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905809"
}
}
],
"category": "product_name",
"name": "SCALANCE XR322-12 (6GK5334-3TS00-4AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905765"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905810"
}
}
],
"category": "product_name",
"name": "SCALANCE XR326-8 (6GK5334-2TS00-2AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905766"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905811"
}
}
],
"category": "product_name",
"name": "SCALANCE XR326-8 (6GK5334-2TS00-3AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905767"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905812"
}
}
],
"category": "product_name",
"name": "SCALANCE XR326-8 (6GK5334-2TS00-4AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905768"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905813"
}
}
],
"category": "product_name",
"name": "SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905769"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905814"
}
}
],
"category": "product_name",
"name": "SCALANCE XR502-32 (6GK5534-5TR00-2AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905770"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905815"
}
}
],
"category": "product_name",
"name": "SCALANCE XR502-32 (6GK5534-5TR00-3AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905771"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905816"
}
}
],
"category": "product_name",
"name": "SCALANCE XR502-32 (6GK5534-5TR00-4AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905772"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905817"
}
}
],
"category": "product_name",
"name": "SCALANCE XR522-12 (6GK5534-3TR00-2AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905773"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905818"
}
}
],
"category": "product_name",
"name": "SCALANCE XR522-12 (6GK5534-3TR00-3AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905774"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905819"
}
}
],
"category": "product_name",
"name": "SCALANCE XR522-12 (6GK5534-3TR00-4AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905775"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905820"
}
}
],
"category": "product_name",
"name": "SCALANCE XR526-8 (6GK5534-2TR00-2AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905776"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905821"
}
}
],
"category": "product_name",
"name": "SCALANCE XR526-8 (6GK5534-2TR00-3AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905777"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905822"
}
}
],
"category": "product_name",
"name": "SCALANCE XR526-8 (6GK5534-2TR00-4AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905778"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905823"
}
}
],
"category": "product_name",
"name": "SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905786"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905831"
}
}
],
"category": "product_name",
"name": "SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905785"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905830"
}
}
],
"category": "product_name",
"name": "SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905787"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905832"
}
}
],
"category": "product_name",
"name": "SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905783"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905828"
}
}
],
"category": "product_name",
"name": "SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905782"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905827"
}
}
],
"category": "product_name",
"name": "SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905784"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905829"
}
}
],
"category": "product_name",
"name": "SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905780"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905825"
}
}
],
"category": "product_name",
"name": "SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905779"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905824"
}
}
],
"category": "product_name",
"name": "SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.1",
"product": {
"name": "vers:all/\u003cv3.1",
"product_id": "CSAFPID-2905781"
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003cv3.2",
"product": {
"name": "vers:all/\u003cv3.2",
"product_id": "CSAFPID-2905826"
}
}
],
"category": "product_name",
"name": "SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3)"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-41617",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "other",
"text": "Missing Encryption of Sensitive Data",
"title": "CWE-311"
},
{
"category": "other",
"text": "Improper Check for Dropped Privileges",
"title": "CWE-273"
},
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2021-41617 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2021/cve-2021-41617.json"
}
],
"title": "CVE-2021-41617"
},
{
"cve": "CVE-2023-4527",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "other",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-4527 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-4527.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2023-4527"
},
{
"cve": "CVE-2023-4806",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-4806 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-4806.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2023-4806"
},
{
"cve": "CVE-2023-4911",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "other",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
},
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-4911 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-4911.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2023-4911"
},
{
"cve": "CVE-2023-5363",
"cwe": {
"id": "CWE-325",
"name": "Missing Cryptographic Step"
},
"notes": [
{
"category": "other",
"text": "Missing Cryptographic Step",
"title": "CWE-325"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Incorrect Provision of Specified Functionality",
"title": "CWE-684"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-5363 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-5363.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2023-5363"
},
{
"cve": "CVE-2023-6246",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-6246 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-6246.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2023-6246"
},
{
"cve": "CVE-2023-6779",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-6779 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-6779.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2023-6779"
},
{
"cve": "CVE-2023-6780",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "other",
"text": "Incorrect Calculation of Buffer Size",
"title": "CWE-131"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-6780 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-6780.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2023-6780"
},
{
"cve": "CVE-2023-28531",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "other",
"text": "Missing Encryption of Sensitive Data",
"title": "CWE-311"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-28531 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-28531.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2023-28531"
},
{
"cve": "CVE-2023-38545",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "other",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
},
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-38545 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-38545.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2023-38545"
},
{
"cve": "CVE-2023-38546",
"cwe": {
"id": "CWE-73",
"name": "External Control of File Name or Path"
},
"notes": [
{
"category": "other",
"text": "External Control of File Name or Path",
"title": "CWE-73"
},
{
"category": "other",
"text": "Missing Encryption of Sensitive Data",
"title": "CWE-311"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-38546 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-38546.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2023-38546"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-44487 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-44487.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2023-44487"
},
{
"cve": "CVE-2023-46218",
"cwe": {
"id": "CWE-201",
"name": "Insertion of Sensitive Information Into Sent Data"
},
"notes": [
{
"category": "other",
"text": "Insertion of Sensitive Information Into Sent Data",
"title": "CWE-201"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-46218 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-46218.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2023-46218"
},
{
"cve": "CVE-2023-46219",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "other",
"text": "Missing Encryption of Sensitive Data",
"title": "CWE-311"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-46219 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-46219.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2023-46219"
},
{
"cve": "CVE-2023-48795",
"cwe": {
"id": "CWE-222",
"name": "Truncation of Security-relevant Information"
},
"notes": [
{
"category": "other",
"text": "Truncation of Security-relevant Information",
"title": "CWE-222"
},
{
"category": "other",
"text": "Selection of Less-Secure Algorithm During Negotiation (\u0027Algorithm Downgrade\u0027)",
"title": "CWE-757"
},
{
"category": "other",
"text": "Improper Validation of Integrity Check Value",
"title": "CWE-354"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/AU:N/R:A/V:D/RE:L/U:Amber",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-48795 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-48795.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2023-48795"
},
{
"cve": "CVE-2023-51384",
"cwe": {
"id": "CWE-304",
"name": "Missing Critical Step in Authentication"
},
"notes": [
{
"category": "other",
"text": "Missing Critical Step in Authentication",
"title": "CWE-304"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-51384 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-51384.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2023-51384"
},
{
"cve": "CVE-2023-51385",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"title": "CWE-78"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-51385 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-51385.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2023-51385"
},
{
"cve": "CVE-2023-52927",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-52927 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-52927.json"
}
],
"title": "CVE-2023-52927"
},
{
"cve": "CVE-2024-2961",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-2961 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-2961.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2024-2961"
},
{
"cve": "CVE-2024-6119",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"notes": [
{
"category": "other",
"text": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"title": "CWE-843"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-6119 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-6119.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2024-6119"
},
{
"cve": "CVE-2024-6387",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
},
{
"category": "other",
"text": "Signal Handler Race Condition",
"title": "CWE-364"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-6387 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-6387.json"
}
],
"title": "CVE-2024-6387"
},
{
"cve": "CVE-2024-12133",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Inefficient Algorithmic Complexity",
"title": "CWE-407"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-12133 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-12133.json"
}
],
"title": "CVE-2024-12133"
},
{
"cve": "CVE-2024-12243",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Inefficient Algorithmic Complexity",
"title": "CWE-407"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-12243 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-12243.json"
}
],
"title": "CVE-2024-12243"
},
{
"cve": "CVE-2024-24855",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"notes": [
{
"category": "other",
"text": "Time-of-check Time-of-use (TOCTOU) Race Condition",
"title": "CWE-367"
},
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-24855 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-24855.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2024-24855"
},
{
"cve": "CVE-2024-26596",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-26596 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-26596.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2024-26596"
},
{
"cve": "CVE-2024-28085",
"cwe": {
"id": "CWE-268",
"name": "Privilege Chaining"
},
"notes": [
{
"category": "other",
"text": "Privilege Chaining",
"title": "CWE-268"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Improper Neutralization of Escape, Meta, or Control Sequences",
"title": "CWE-150"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-28085 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-28085.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2024-28085"
},
{
"cve": "CVE-2024-33599",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "other",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
},
{
"category": "other",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-33599 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-33599.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2024-33599"
},
{
"cve": "CVE-2024-33600",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-33600 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-33600.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2024-33600"
},
{
"cve": "CVE-2024-33601",
"cwe": {
"id": "CWE-703",
"name": "Improper Check or Handling of Exceptional Conditions"
},
"notes": [
{
"category": "other",
"text": "Improper Check or Handling of Exceptional Conditions",
"title": "CWE-703"
},
{
"category": "other",
"text": "Reachable Assertion",
"title": "CWE-617"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-33601 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-33601.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2024-33601"
},
{
"cve": "CVE-2024-33602",
"cwe": {
"id": "CWE-466",
"name": "Return of Pointer Value Outside of Expected Range"
},
"notes": [
{
"category": "other",
"text": "Return of Pointer Value Outside of Expected Range",
"title": "CWE-466"
},
{
"category": "other",
"text": "Improper Check or Handling of Exceptional Conditions",
"title": "CWE-703"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-33602 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-33602.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2024-33602"
},
{
"cve": "CVE-2024-34397",
"cwe": {
"id": "CWE-940",
"name": "Improper Verification of Source of a Communication Channel"
},
"notes": [
{
"category": "other",
"text": "Improper Verification of Source of a Communication Channel",
"title": "CWE-940"
},
{
"category": "other",
"text": "Authentication Bypass by Spoofing",
"title": "CWE-290"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-34397 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-34397.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2024-34397"
},
{
"cve": "CVE-2024-37370",
"cwe": {
"id": "CWE-130",
"name": "Improper Handling of Length Parameter Inconsistency"
},
"notes": [
{
"category": "other",
"text": "Improper Handling of Length Parameter Inconsistency",
"title": "CWE-130"
},
{
"category": "other",
"text": "Insufficient Verification of Data Authenticity",
"title": "CWE-345"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-37370 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-37370.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2024-37370"
},
{
"cve": "CVE-2024-37371",
"cwe": {
"id": "CWE-130",
"name": "Improper Handling of Length Parameter Inconsistency"
},
"notes": [
{
"category": "other",
"text": "Improper Handling of Length Parameter Inconsistency",
"title": "CWE-130"
},
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-37371 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-37371.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2024-37371"
},
{
"cve": "CVE-2024-41797",
"cwe": {
"id": "CWE-269",
"name": "Improper Privilege Management"
},
"notes": [
{
"category": "other",
"text": "Improper Privilege Management",
"title": "CWE-269"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-41797 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-41797.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2024-41797"
},
{
"cve": "CVE-2024-45490",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "other",
"text": "Incorrect Calculation of Buffer Size",
"title": "CWE-131"
},
{
"category": "other",
"text": "Improper Restriction of XML External Entity Reference",
"title": "CWE-611"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-45490 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-45490.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2024-45490"
},
{
"cve": "CVE-2024-45491",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-45491 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-45491.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2024-45491"
},
{
"cve": "CVE-2024-45492",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-45492 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-45492.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2024-45492"
},
{
"cve": "CVE-2024-50246",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-50246 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-50246.json"
}
],
"title": "CVE-2024-50246"
},
{
"cve": "CVE-2024-53166",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-53166 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-53166.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2024-53166"
},
{
"cve": "CVE-2024-57977",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "other",
"text": "Improper Locking",
"title": "CWE-667"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-57977 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-57977.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2024-57977"
},
{
"cve": "CVE-2024-57996",
"cwe": {
"id": "CWE-129",
"name": "Improper Validation of Array Index"
},
"notes": [
{
"category": "other",
"text": "Improper Validation of Array Index",
"title": "CWE-129"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-57996 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-57996.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2024-57996"
},
{
"cve": "CVE-2024-58005",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)",
"title": "CWE-99"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-58005 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-58005.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2024-58005"
},
{
"cve": "CVE-2025-0133",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/S:N/AU:N/R:U/V:D/RE:M/U:Amber",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-0133 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-0133.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2025-0133"
},
{
"cve": "CVE-2025-4373",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"notes": [
{
"category": "other",
"text": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"title": "CWE-120"
},
{
"category": "other",
"text": "Buffer Underwrite (\u0027Buffer Underflow\u0027)",
"title": "CWE-124"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-4373 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-4373.json"
}
],
"title": "CVE-2025-4373"
},
{
"cve": "CVE-2025-4598",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
},
{
"category": "other",
"text": "Signal Handler Race Condition",
"title": "CWE-364"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-4598 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-4598.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2025-4598"
},
{
"cve": "CVE-2025-21701",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21701 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-21701.json"
}
],
"title": "CVE-2025-21701"
},
{
"cve": "CVE-2025-21702",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21702 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-21702.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2025-21702"
},
{
"cve": "CVE-2025-21712",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21712 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-21712.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2025-21712"
},
{
"cve": "CVE-2025-21724",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21724 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-21724.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2025-21724"
},
{
"cve": "CVE-2025-21728",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21728 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-21728.json"
}
],
"title": "CVE-2025-21728"
},
{
"cve": "CVE-2025-21745",
"cwe": {
"id": "CWE-911",
"name": "Improper Update of Reference Count"
},
"notes": [
{
"category": "other",
"text": "Improper Update of Reference Count",
"title": "CWE-911"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21745 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-21745.json"
}
],
"title": "CVE-2025-21745"
},
{
"cve": "CVE-2025-21756",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21756 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-21756.json"
}
],
"title": "CVE-2025-21756"
},
{
"cve": "CVE-2025-21758",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21758 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-21758.json"
}
],
"title": "CVE-2025-21758"
},
{
"cve": "CVE-2025-21765",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21765 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-21765.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2025-21765"
},
{
"cve": "CVE-2025-21766",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21766 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-21766.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2025-21766"
},
{
"cve": "CVE-2025-21767",
"cwe": {
"id": "CWE-332",
"name": "Insufficient Entropy in PRNG"
},
"notes": [
{
"category": "other",
"text": "Insufficient Entropy in PRNG",
"title": "CWE-332"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21767 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-21767.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2025-21767"
},
{
"cve": "CVE-2025-21795",
"cwe": {
"id": "CWE-371",
"name": "-"
},
"notes": [
{
"category": "other",
"text": "CWE-371",
"title": "CWE-371"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21795 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-21795.json"
}
],
"title": "CVE-2025-21795"
},
{
"cve": "CVE-2025-21796",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21796 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-21796.json"
}
],
"title": "CVE-2025-21796"
},
{
"cve": "CVE-2025-21848",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "other",
"text": "Use of NullPointerException Catch to Detect NULL Pointer Dereference",
"title": "CWE-395"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21848 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-21848.json"
}
],
"title": "CVE-2025-21848"
},
{
"cve": "CVE-2025-21862",
"cwe": {
"id": "CWE-665",
"name": "Improper Initialization"
},
"notes": [
{
"category": "other",
"text": "Improper Initialization",
"title": "CWE-665"
},
{
"category": "other",
"text": "Use of Uninitialized Resource",
"title": "CWE-908"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21862 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-21862.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2025-21862"
},
{
"cve": "CVE-2025-21864",
"cwe": {
"id": "CWE-371",
"name": "-"
},
"notes": [
{
"category": "other",
"text": "CWE-371",
"title": "CWE-371"
},
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21864 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-21864.json"
}
],
"title": "CVE-2025-21864"
},
{
"cve": "CVE-2025-21865",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
},
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21865 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-21865.json"
}
],
"title": "CVE-2025-21865"
},
{
"cve": "CVE-2025-26465",
"cwe": {
"id": "CWE-310",
"name": "-"
},
"notes": [
{
"category": "other",
"text": "CWE-310",
"title": "CWE-310"
},
{
"category": "other",
"text": "Detection of Error Condition Without Action",
"title": "CWE-390"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-26465 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-26465.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2025-26465"
},
{
"cve": "CVE-2025-31115",
"cwe": {
"id": "CWE-366",
"name": "Race Condition within a Thread"
},
"notes": [
{
"category": "other",
"text": "Race Condition within a Thread",
"title": "CWE-366"
},
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "other",
"text": "Premature Release of Resource During Expected Lifetime",
"title": "CWE-826"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-31115 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-31115.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2025-31115"
},
{
"cve": "CVE-2025-32454",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-32454 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-32454.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2025-32454"
},
{
"cve": "CVE-2025-40567",
"cwe": {
"id": "CWE-863",
"name": "Incorrect Authorization"
},
"notes": [
{
"category": "other",
"text": "Incorrect Authorization",
"title": "CWE-863"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-40567 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-40567.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2025-40567"
},
{
"cve": "CVE-2025-40568",
"cwe": {
"id": "CWE-863",
"name": "Incorrect Authorization"
},
"notes": [
{
"category": "other",
"text": "Incorrect Authorization",
"title": "CWE-863"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-40568 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-40568.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2025-40568"
},
{
"cve": "CVE-2025-40569",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-40569 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-40569.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2025-40569"
},
{
"cve": "CVE-2025-40585",
"cwe": {
"id": "CWE-276",
"name": "Incorrect Default Permissions"
},
"notes": [
{
"category": "other",
"text": "Incorrect Default Permissions",
"title": "CWE-276"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-40585 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-40585.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2025-40585"
},
{
"cve": "CVE-2025-46836",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-46836 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-46836.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1211853",
"CSAFPID-1266669",
"CSAFPID-1266670",
"CSAFPID-1195553",
"CSAFPID-1266671",
"CSAFPID-1266672",
"CSAFPID-2460438",
"CSAFPID-1270701",
"CSAFPID-1270700",
"CSAFPID-1266673",
"CSAFPID-1211202",
"CSAFPID-1272525",
"CSAFPID-2849543",
"CSAFPID-1756091",
"CSAFPID-2619544",
"CSAFPID-126262",
"CSAFPID-2082475",
"CSAFPID-2905706",
"CSAFPID-2905742",
"CSAFPID-2905748",
"CSAFPID-2905793",
"CSAFPID-2905749",
"CSAFPID-2905794",
"CSAFPID-2905750",
"CSAFPID-2905795",
"CSAFPID-2905751",
"CSAFPID-2905796",
"CSAFPID-2905752",
"CSAFPID-2905797",
"CSAFPID-2905753",
"CSAFPID-2905798",
"CSAFPID-2905754",
"CSAFPID-2905799",
"CSAFPID-2905755",
"CSAFPID-2905800",
"CSAFPID-2905756",
"CSAFPID-2905801",
"CSAFPID-2905757",
"CSAFPID-2905802",
"CSAFPID-2905758",
"CSAFPID-2905803",
"CSAFPID-2905759",
"CSAFPID-2905804",
"CSAFPID-2905760",
"CSAFPID-2905805",
"CSAFPID-2905761",
"CSAFPID-2905806",
"CSAFPID-2905762",
"CSAFPID-2905807",
"CSAFPID-2905763",
"CSAFPID-2905808",
"CSAFPID-2905764",
"CSAFPID-2905809",
"CSAFPID-2905765",
"CSAFPID-2905810",
"CSAFPID-2905766",
"CSAFPID-2905811",
"CSAFPID-2905767",
"CSAFPID-2905812",
"CSAFPID-2905768",
"CSAFPID-2905813",
"CSAFPID-2905769",
"CSAFPID-2905814",
"CSAFPID-2905770",
"CSAFPID-2905815",
"CSAFPID-2905771",
"CSAFPID-2905816",
"CSAFPID-2905772",
"CSAFPID-2905817",
"CSAFPID-2905773",
"CSAFPID-2905818",
"CSAFPID-2905774",
"CSAFPID-2905819",
"CSAFPID-2905775",
"CSAFPID-2905820",
"CSAFPID-2905776",
"CSAFPID-2905821",
"CSAFPID-2905777",
"CSAFPID-2905822",
"CSAFPID-2905778",
"CSAFPID-2905823",
"CSAFPID-2905786",
"CSAFPID-2905831",
"CSAFPID-2905785",
"CSAFPID-2905830",
"CSAFPID-2905787",
"CSAFPID-2905832",
"CSAFPID-2905783",
"CSAFPID-2905828",
"CSAFPID-2905782",
"CSAFPID-2905827",
"CSAFPID-2905784",
"CSAFPID-2905829",
"CSAFPID-2905780",
"CSAFPID-2905825",
"CSAFPID-2905779",
"CSAFPID-2905824",
"CSAFPID-2905781",
"CSAFPID-2905826"
]
}
],
"title": "CVE-2025-46836"
}
]
}
RHSA-2022:2013
Vulnerability from csaf_redhat - Published: 2022-05-10 14:26 - Updated: 2025-11-21 18:30Summary
Red Hat Security Advisory: openssh security, bug fix, and enhancement update
Notes
Topic
An update for openssh is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server.
Security Fix(es):
* openssh: privilege escalation when AuthorizedKeysCommand or AuthorizedPrincipalsCommand are configured (CVE-2021-41617)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.6 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for openssh is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server.\n\nSecurity Fix(es):\n\n* openssh: privilege escalation when AuthorizedKeysCommand or AuthorizedPrincipalsCommand are configured (CVE-2021-41617)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.6 Release Notes linked from the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:2013",
"url": "https://access.redhat.com/errata/RHSA-2022:2013"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.6_release_notes/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.6_release_notes/"
},
{
"category": "external",
"summary": "2008291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2008291"
},
{
"category": "external",
"summary": "2015828",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2015828"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_2013.json"
}
],
"title": "Red Hat Security Advisory: openssh security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2025-11-21T18:30:42+00:00",
"generator": {
"date": "2025-11-21T18:30:42+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2022:2013",
"initial_release_date": "2022-05-10T14:26:50+00:00",
"revision_history": [
{
"date": "2022-05-10T14:26:50+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-05-10T14:26:50+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:30:42+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:8::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-0:8.0p1-13.el8.src",
"product": {
"name": "openssh-0:8.0p1-13.el8.src",
"product_id": "openssh-0:8.0p1-13.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh@8.0p1-13.el8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-0:8.0p1-13.el8.aarch64",
"product": {
"name": "openssh-0:8.0p1-13.el8.aarch64",
"product_id": "openssh-0:8.0p1-13.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh@8.0p1-13.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "openssh-cavs-0:8.0p1-13.el8.aarch64",
"product": {
"name": "openssh-cavs-0:8.0p1-13.el8.aarch64",
"product_id": "openssh-cavs-0:8.0p1-13.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-cavs@8.0p1-13.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "openssh-clients-0:8.0p1-13.el8.aarch64",
"product": {
"name": "openssh-clients-0:8.0p1-13.el8.aarch64",
"product_id": "openssh-clients-0:8.0p1-13.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-clients@8.0p1-13.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "openssh-keycat-0:8.0p1-13.el8.aarch64",
"product": {
"name": "openssh-keycat-0:8.0p1-13.el8.aarch64",
"product_id": "openssh-keycat-0:8.0p1-13.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-keycat@8.0p1-13.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "openssh-ldap-0:8.0p1-13.el8.aarch64",
"product": {
"name": "openssh-ldap-0:8.0p1-13.el8.aarch64",
"product_id": "openssh-ldap-0:8.0p1-13.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-ldap@8.0p1-13.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "openssh-server-0:8.0p1-13.el8.aarch64",
"product": {
"name": "openssh-server-0:8.0p1-13.el8.aarch64",
"product_id": "openssh-server-0:8.0p1-13.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-server@8.0p1-13.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "pam_ssh_agent_auth-0:0.10.3-7.13.el8.aarch64",
"product": {
"name": "pam_ssh_agent_auth-0:0.10.3-7.13.el8.aarch64",
"product_id": "pam_ssh_agent_auth-0:0.10.3-7.13.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam_ssh_agent_auth@0.10.3-7.13.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "openssh-debugsource-0:8.0p1-13.el8.aarch64",
"product": {
"name": "openssh-debugsource-0:8.0p1-13.el8.aarch64",
"product_id": "openssh-debugsource-0:8.0p1-13.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-debugsource@8.0p1-13.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "openssh-askpass-debuginfo-0:8.0p1-13.el8.aarch64",
"product": {
"name": "openssh-askpass-debuginfo-0:8.0p1-13.el8.aarch64",
"product_id": "openssh-askpass-debuginfo-0:8.0p1-13.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-askpass-debuginfo@8.0p1-13.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "openssh-cavs-debuginfo-0:8.0p1-13.el8.aarch64",
"product": {
"name": "openssh-cavs-debuginfo-0:8.0p1-13.el8.aarch64",
"product_id": "openssh-cavs-debuginfo-0:8.0p1-13.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-cavs-debuginfo@8.0p1-13.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "openssh-clients-debuginfo-0:8.0p1-13.el8.aarch64",
"product": {
"name": "openssh-clients-debuginfo-0:8.0p1-13.el8.aarch64",
"product_id": "openssh-clients-debuginfo-0:8.0p1-13.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-clients-debuginfo@8.0p1-13.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "openssh-debuginfo-0:8.0p1-13.el8.aarch64",
"product": {
"name": "openssh-debuginfo-0:8.0p1-13.el8.aarch64",
"product_id": "openssh-debuginfo-0:8.0p1-13.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-debuginfo@8.0p1-13.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "openssh-keycat-debuginfo-0:8.0p1-13.el8.aarch64",
"product": {
"name": "openssh-keycat-debuginfo-0:8.0p1-13.el8.aarch64",
"product_id": "openssh-keycat-debuginfo-0:8.0p1-13.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-keycat-debuginfo@8.0p1-13.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "openssh-ldap-debuginfo-0:8.0p1-13.el8.aarch64",
"product": {
"name": "openssh-ldap-debuginfo-0:8.0p1-13.el8.aarch64",
"product_id": "openssh-ldap-debuginfo-0:8.0p1-13.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-ldap-debuginfo@8.0p1-13.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "openssh-server-debuginfo-0:8.0p1-13.el8.aarch64",
"product": {
"name": "openssh-server-debuginfo-0:8.0p1-13.el8.aarch64",
"product_id": "openssh-server-debuginfo-0:8.0p1-13.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-server-debuginfo@8.0p1-13.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.aarch64",
"product": {
"name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.aarch64",
"product_id": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam_ssh_agent_auth-debuginfo@0.10.3-7.13.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "openssh-askpass-0:8.0p1-13.el8.aarch64",
"product": {
"name": "openssh-askpass-0:8.0p1-13.el8.aarch64",
"product_id": "openssh-askpass-0:8.0p1-13.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-askpass@8.0p1-13.el8?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-0:8.0p1-13.el8.ppc64le",
"product": {
"name": "openssh-0:8.0p1-13.el8.ppc64le",
"product_id": "openssh-0:8.0p1-13.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh@8.0p1-13.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "openssh-cavs-0:8.0p1-13.el8.ppc64le",
"product": {
"name": "openssh-cavs-0:8.0p1-13.el8.ppc64le",
"product_id": "openssh-cavs-0:8.0p1-13.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-cavs@8.0p1-13.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "openssh-clients-0:8.0p1-13.el8.ppc64le",
"product": {
"name": "openssh-clients-0:8.0p1-13.el8.ppc64le",
"product_id": "openssh-clients-0:8.0p1-13.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-clients@8.0p1-13.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "openssh-keycat-0:8.0p1-13.el8.ppc64le",
"product": {
"name": "openssh-keycat-0:8.0p1-13.el8.ppc64le",
"product_id": "openssh-keycat-0:8.0p1-13.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-keycat@8.0p1-13.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "openssh-ldap-0:8.0p1-13.el8.ppc64le",
"product": {
"name": "openssh-ldap-0:8.0p1-13.el8.ppc64le",
"product_id": "openssh-ldap-0:8.0p1-13.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-ldap@8.0p1-13.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "openssh-server-0:8.0p1-13.el8.ppc64le",
"product": {
"name": "openssh-server-0:8.0p1-13.el8.ppc64le",
"product_id": "openssh-server-0:8.0p1-13.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-server@8.0p1-13.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "pam_ssh_agent_auth-0:0.10.3-7.13.el8.ppc64le",
"product": {
"name": "pam_ssh_agent_auth-0:0.10.3-7.13.el8.ppc64le",
"product_id": "pam_ssh_agent_auth-0:0.10.3-7.13.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam_ssh_agent_auth@0.10.3-7.13.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "openssh-debugsource-0:8.0p1-13.el8.ppc64le",
"product": {
"name": "openssh-debugsource-0:8.0p1-13.el8.ppc64le",
"product_id": "openssh-debugsource-0:8.0p1-13.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-debugsource@8.0p1-13.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "openssh-askpass-debuginfo-0:8.0p1-13.el8.ppc64le",
"product": {
"name": "openssh-askpass-debuginfo-0:8.0p1-13.el8.ppc64le",
"product_id": "openssh-askpass-debuginfo-0:8.0p1-13.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-askpass-debuginfo@8.0p1-13.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "openssh-cavs-debuginfo-0:8.0p1-13.el8.ppc64le",
"product": {
"name": "openssh-cavs-debuginfo-0:8.0p1-13.el8.ppc64le",
"product_id": "openssh-cavs-debuginfo-0:8.0p1-13.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-cavs-debuginfo@8.0p1-13.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "openssh-clients-debuginfo-0:8.0p1-13.el8.ppc64le",
"product": {
"name": "openssh-clients-debuginfo-0:8.0p1-13.el8.ppc64le",
"product_id": "openssh-clients-debuginfo-0:8.0p1-13.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-clients-debuginfo@8.0p1-13.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "openssh-debuginfo-0:8.0p1-13.el8.ppc64le",
"product": {
"name": "openssh-debuginfo-0:8.0p1-13.el8.ppc64le",
"product_id": "openssh-debuginfo-0:8.0p1-13.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-debuginfo@8.0p1-13.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "openssh-keycat-debuginfo-0:8.0p1-13.el8.ppc64le",
"product": {
"name": "openssh-keycat-debuginfo-0:8.0p1-13.el8.ppc64le",
"product_id": "openssh-keycat-debuginfo-0:8.0p1-13.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-keycat-debuginfo@8.0p1-13.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "openssh-ldap-debuginfo-0:8.0p1-13.el8.ppc64le",
"product": {
"name": "openssh-ldap-debuginfo-0:8.0p1-13.el8.ppc64le",
"product_id": "openssh-ldap-debuginfo-0:8.0p1-13.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-ldap-debuginfo@8.0p1-13.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "openssh-server-debuginfo-0:8.0p1-13.el8.ppc64le",
"product": {
"name": "openssh-server-debuginfo-0:8.0p1-13.el8.ppc64le",
"product_id": "openssh-server-debuginfo-0:8.0p1-13.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-server-debuginfo@8.0p1-13.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.ppc64le",
"product": {
"name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.ppc64le",
"product_id": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam_ssh_agent_auth-debuginfo@0.10.3-7.13.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "openssh-askpass-0:8.0p1-13.el8.ppc64le",
"product": {
"name": "openssh-askpass-0:8.0p1-13.el8.ppc64le",
"product_id": "openssh-askpass-0:8.0p1-13.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-askpass@8.0p1-13.el8?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-0:8.0p1-13.el8.x86_64",
"product": {
"name": "openssh-0:8.0p1-13.el8.x86_64",
"product_id": "openssh-0:8.0p1-13.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh@8.0p1-13.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openssh-cavs-0:8.0p1-13.el8.x86_64",
"product": {
"name": "openssh-cavs-0:8.0p1-13.el8.x86_64",
"product_id": "openssh-cavs-0:8.0p1-13.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-cavs@8.0p1-13.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openssh-clients-0:8.0p1-13.el8.x86_64",
"product": {
"name": "openssh-clients-0:8.0p1-13.el8.x86_64",
"product_id": "openssh-clients-0:8.0p1-13.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-clients@8.0p1-13.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openssh-keycat-0:8.0p1-13.el8.x86_64",
"product": {
"name": "openssh-keycat-0:8.0p1-13.el8.x86_64",
"product_id": "openssh-keycat-0:8.0p1-13.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-keycat@8.0p1-13.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openssh-ldap-0:8.0p1-13.el8.x86_64",
"product": {
"name": "openssh-ldap-0:8.0p1-13.el8.x86_64",
"product_id": "openssh-ldap-0:8.0p1-13.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-ldap@8.0p1-13.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openssh-server-0:8.0p1-13.el8.x86_64",
"product": {
"name": "openssh-server-0:8.0p1-13.el8.x86_64",
"product_id": "openssh-server-0:8.0p1-13.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-server@8.0p1-13.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pam_ssh_agent_auth-0:0.10.3-7.13.el8.x86_64",
"product": {
"name": "pam_ssh_agent_auth-0:0.10.3-7.13.el8.x86_64",
"product_id": "pam_ssh_agent_auth-0:0.10.3-7.13.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam_ssh_agent_auth@0.10.3-7.13.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openssh-debugsource-0:8.0p1-13.el8.x86_64",
"product": {
"name": "openssh-debugsource-0:8.0p1-13.el8.x86_64",
"product_id": "openssh-debugsource-0:8.0p1-13.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-debugsource@8.0p1-13.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openssh-askpass-debuginfo-0:8.0p1-13.el8.x86_64",
"product": {
"name": "openssh-askpass-debuginfo-0:8.0p1-13.el8.x86_64",
"product_id": "openssh-askpass-debuginfo-0:8.0p1-13.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-askpass-debuginfo@8.0p1-13.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openssh-cavs-debuginfo-0:8.0p1-13.el8.x86_64",
"product": {
"name": "openssh-cavs-debuginfo-0:8.0p1-13.el8.x86_64",
"product_id": "openssh-cavs-debuginfo-0:8.0p1-13.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-cavs-debuginfo@8.0p1-13.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openssh-clients-debuginfo-0:8.0p1-13.el8.x86_64",
"product": {
"name": "openssh-clients-debuginfo-0:8.0p1-13.el8.x86_64",
"product_id": "openssh-clients-debuginfo-0:8.0p1-13.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-clients-debuginfo@8.0p1-13.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openssh-debuginfo-0:8.0p1-13.el8.x86_64",
"product": {
"name": "openssh-debuginfo-0:8.0p1-13.el8.x86_64",
"product_id": "openssh-debuginfo-0:8.0p1-13.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-debuginfo@8.0p1-13.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openssh-keycat-debuginfo-0:8.0p1-13.el8.x86_64",
"product": {
"name": "openssh-keycat-debuginfo-0:8.0p1-13.el8.x86_64",
"product_id": "openssh-keycat-debuginfo-0:8.0p1-13.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-keycat-debuginfo@8.0p1-13.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openssh-ldap-debuginfo-0:8.0p1-13.el8.x86_64",
"product": {
"name": "openssh-ldap-debuginfo-0:8.0p1-13.el8.x86_64",
"product_id": "openssh-ldap-debuginfo-0:8.0p1-13.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-ldap-debuginfo@8.0p1-13.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openssh-server-debuginfo-0:8.0p1-13.el8.x86_64",
"product": {
"name": "openssh-server-debuginfo-0:8.0p1-13.el8.x86_64",
"product_id": "openssh-server-debuginfo-0:8.0p1-13.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-server-debuginfo@8.0p1-13.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.x86_64",
"product": {
"name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.x86_64",
"product_id": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam_ssh_agent_auth-debuginfo@0.10.3-7.13.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openssh-askpass-0:8.0p1-13.el8.x86_64",
"product": {
"name": "openssh-askpass-0:8.0p1-13.el8.x86_64",
"product_id": "openssh-askpass-0:8.0p1-13.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-askpass@8.0p1-13.el8?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-0:8.0p1-13.el8.s390x",
"product": {
"name": "openssh-0:8.0p1-13.el8.s390x",
"product_id": "openssh-0:8.0p1-13.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh@8.0p1-13.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openssh-cavs-0:8.0p1-13.el8.s390x",
"product": {
"name": "openssh-cavs-0:8.0p1-13.el8.s390x",
"product_id": "openssh-cavs-0:8.0p1-13.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-cavs@8.0p1-13.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openssh-clients-0:8.0p1-13.el8.s390x",
"product": {
"name": "openssh-clients-0:8.0p1-13.el8.s390x",
"product_id": "openssh-clients-0:8.0p1-13.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-clients@8.0p1-13.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openssh-keycat-0:8.0p1-13.el8.s390x",
"product": {
"name": "openssh-keycat-0:8.0p1-13.el8.s390x",
"product_id": "openssh-keycat-0:8.0p1-13.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-keycat@8.0p1-13.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openssh-ldap-0:8.0p1-13.el8.s390x",
"product": {
"name": "openssh-ldap-0:8.0p1-13.el8.s390x",
"product_id": "openssh-ldap-0:8.0p1-13.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-ldap@8.0p1-13.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openssh-server-0:8.0p1-13.el8.s390x",
"product": {
"name": "openssh-server-0:8.0p1-13.el8.s390x",
"product_id": "openssh-server-0:8.0p1-13.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-server@8.0p1-13.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "pam_ssh_agent_auth-0:0.10.3-7.13.el8.s390x",
"product": {
"name": "pam_ssh_agent_auth-0:0.10.3-7.13.el8.s390x",
"product_id": "pam_ssh_agent_auth-0:0.10.3-7.13.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam_ssh_agent_auth@0.10.3-7.13.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openssh-debugsource-0:8.0p1-13.el8.s390x",
"product": {
"name": "openssh-debugsource-0:8.0p1-13.el8.s390x",
"product_id": "openssh-debugsource-0:8.0p1-13.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-debugsource@8.0p1-13.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openssh-askpass-debuginfo-0:8.0p1-13.el8.s390x",
"product": {
"name": "openssh-askpass-debuginfo-0:8.0p1-13.el8.s390x",
"product_id": "openssh-askpass-debuginfo-0:8.0p1-13.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-askpass-debuginfo@8.0p1-13.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openssh-cavs-debuginfo-0:8.0p1-13.el8.s390x",
"product": {
"name": "openssh-cavs-debuginfo-0:8.0p1-13.el8.s390x",
"product_id": "openssh-cavs-debuginfo-0:8.0p1-13.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-cavs-debuginfo@8.0p1-13.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openssh-clients-debuginfo-0:8.0p1-13.el8.s390x",
"product": {
"name": "openssh-clients-debuginfo-0:8.0p1-13.el8.s390x",
"product_id": "openssh-clients-debuginfo-0:8.0p1-13.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-clients-debuginfo@8.0p1-13.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openssh-debuginfo-0:8.0p1-13.el8.s390x",
"product": {
"name": "openssh-debuginfo-0:8.0p1-13.el8.s390x",
"product_id": "openssh-debuginfo-0:8.0p1-13.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-debuginfo@8.0p1-13.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openssh-keycat-debuginfo-0:8.0p1-13.el8.s390x",
"product": {
"name": "openssh-keycat-debuginfo-0:8.0p1-13.el8.s390x",
"product_id": "openssh-keycat-debuginfo-0:8.0p1-13.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-keycat-debuginfo@8.0p1-13.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openssh-ldap-debuginfo-0:8.0p1-13.el8.s390x",
"product": {
"name": "openssh-ldap-debuginfo-0:8.0p1-13.el8.s390x",
"product_id": "openssh-ldap-debuginfo-0:8.0p1-13.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-ldap-debuginfo@8.0p1-13.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openssh-server-debuginfo-0:8.0p1-13.el8.s390x",
"product": {
"name": "openssh-server-debuginfo-0:8.0p1-13.el8.s390x",
"product_id": "openssh-server-debuginfo-0:8.0p1-13.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-server-debuginfo@8.0p1-13.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.s390x",
"product": {
"name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.s390x",
"product_id": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam_ssh_agent_auth-debuginfo@0.10.3-7.13.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openssh-askpass-0:8.0p1-13.el8.s390x",
"product": {
"name": "openssh-askpass-0:8.0p1-13.el8.s390x",
"product_id": "openssh-askpass-0:8.0p1-13.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-askpass@8.0p1-13.el8?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:8.0p1-13.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-0:8.0p1-13.el8.aarch64"
},
"product_reference": "openssh-0:8.0p1-13.el8.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:8.0p1-13.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-0:8.0p1-13.el8.ppc64le"
},
"product_reference": "openssh-0:8.0p1-13.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:8.0p1-13.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-0:8.0p1-13.el8.s390x"
},
"product_reference": "openssh-0:8.0p1-13.el8.s390x",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:8.0p1-13.el8.src as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-0:8.0p1-13.el8.src"
},
"product_reference": "openssh-0:8.0p1-13.el8.src",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:8.0p1-13.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-0:8.0p1-13.el8.x86_64"
},
"product_reference": "openssh-0:8.0p1-13.el8.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:8.0p1-13.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-askpass-0:8.0p1-13.el8.aarch64"
},
"product_reference": "openssh-askpass-0:8.0p1-13.el8.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:8.0p1-13.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-askpass-0:8.0p1-13.el8.ppc64le"
},
"product_reference": "openssh-askpass-0:8.0p1-13.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:8.0p1-13.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-askpass-0:8.0p1-13.el8.s390x"
},
"product_reference": "openssh-askpass-0:8.0p1-13.el8.s390x",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:8.0p1-13.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-askpass-0:8.0p1-13.el8.x86_64"
},
"product_reference": "openssh-askpass-0:8.0p1-13.el8.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-debuginfo-0:8.0p1-13.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-askpass-debuginfo-0:8.0p1-13.el8.aarch64"
},
"product_reference": "openssh-askpass-debuginfo-0:8.0p1-13.el8.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-debuginfo-0:8.0p1-13.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-askpass-debuginfo-0:8.0p1-13.el8.ppc64le"
},
"product_reference": "openssh-askpass-debuginfo-0:8.0p1-13.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-debuginfo-0:8.0p1-13.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-askpass-debuginfo-0:8.0p1-13.el8.s390x"
},
"product_reference": "openssh-askpass-debuginfo-0:8.0p1-13.el8.s390x",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-debuginfo-0:8.0p1-13.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-askpass-debuginfo-0:8.0p1-13.el8.x86_64"
},
"product_reference": "openssh-askpass-debuginfo-0:8.0p1-13.el8.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-0:8.0p1-13.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-cavs-0:8.0p1-13.el8.aarch64"
},
"product_reference": "openssh-cavs-0:8.0p1-13.el8.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-0:8.0p1-13.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-cavs-0:8.0p1-13.el8.ppc64le"
},
"product_reference": "openssh-cavs-0:8.0p1-13.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-0:8.0p1-13.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-cavs-0:8.0p1-13.el8.s390x"
},
"product_reference": "openssh-cavs-0:8.0p1-13.el8.s390x",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-0:8.0p1-13.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-cavs-0:8.0p1-13.el8.x86_64"
},
"product_reference": "openssh-cavs-0:8.0p1-13.el8.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-debuginfo-0:8.0p1-13.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-cavs-debuginfo-0:8.0p1-13.el8.aarch64"
},
"product_reference": "openssh-cavs-debuginfo-0:8.0p1-13.el8.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-debuginfo-0:8.0p1-13.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-cavs-debuginfo-0:8.0p1-13.el8.ppc64le"
},
"product_reference": "openssh-cavs-debuginfo-0:8.0p1-13.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-debuginfo-0:8.0p1-13.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-cavs-debuginfo-0:8.0p1-13.el8.s390x"
},
"product_reference": "openssh-cavs-debuginfo-0:8.0p1-13.el8.s390x",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-debuginfo-0:8.0p1-13.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-cavs-debuginfo-0:8.0p1-13.el8.x86_64"
},
"product_reference": "openssh-cavs-debuginfo-0:8.0p1-13.el8.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:8.0p1-13.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-clients-0:8.0p1-13.el8.aarch64"
},
"product_reference": "openssh-clients-0:8.0p1-13.el8.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:8.0p1-13.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-clients-0:8.0p1-13.el8.ppc64le"
},
"product_reference": "openssh-clients-0:8.0p1-13.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:8.0p1-13.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-clients-0:8.0p1-13.el8.s390x"
},
"product_reference": "openssh-clients-0:8.0p1-13.el8.s390x",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:8.0p1-13.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-clients-0:8.0p1-13.el8.x86_64"
},
"product_reference": "openssh-clients-0:8.0p1-13.el8.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-debuginfo-0:8.0p1-13.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-clients-debuginfo-0:8.0p1-13.el8.aarch64"
},
"product_reference": "openssh-clients-debuginfo-0:8.0p1-13.el8.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-debuginfo-0:8.0p1-13.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-clients-debuginfo-0:8.0p1-13.el8.ppc64le"
},
"product_reference": "openssh-clients-debuginfo-0:8.0p1-13.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-debuginfo-0:8.0p1-13.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-clients-debuginfo-0:8.0p1-13.el8.s390x"
},
"product_reference": "openssh-clients-debuginfo-0:8.0p1-13.el8.s390x",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-debuginfo-0:8.0p1-13.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-clients-debuginfo-0:8.0p1-13.el8.x86_64"
},
"product_reference": "openssh-clients-debuginfo-0:8.0p1-13.el8.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:8.0p1-13.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-debuginfo-0:8.0p1-13.el8.aarch64"
},
"product_reference": "openssh-debuginfo-0:8.0p1-13.el8.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:8.0p1-13.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-debuginfo-0:8.0p1-13.el8.ppc64le"
},
"product_reference": "openssh-debuginfo-0:8.0p1-13.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:8.0p1-13.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-debuginfo-0:8.0p1-13.el8.s390x"
},
"product_reference": "openssh-debuginfo-0:8.0p1-13.el8.s390x",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:8.0p1-13.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-debuginfo-0:8.0p1-13.el8.x86_64"
},
"product_reference": "openssh-debuginfo-0:8.0p1-13.el8.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debugsource-0:8.0p1-13.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-debugsource-0:8.0p1-13.el8.aarch64"
},
"product_reference": "openssh-debugsource-0:8.0p1-13.el8.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debugsource-0:8.0p1-13.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-debugsource-0:8.0p1-13.el8.ppc64le"
},
"product_reference": "openssh-debugsource-0:8.0p1-13.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debugsource-0:8.0p1-13.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-debugsource-0:8.0p1-13.el8.s390x"
},
"product_reference": "openssh-debugsource-0:8.0p1-13.el8.s390x",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debugsource-0:8.0p1-13.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-debugsource-0:8.0p1-13.el8.x86_64"
},
"product_reference": "openssh-debugsource-0:8.0p1-13.el8.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-keycat-0:8.0p1-13.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-keycat-0:8.0p1-13.el8.aarch64"
},
"product_reference": "openssh-keycat-0:8.0p1-13.el8.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-keycat-0:8.0p1-13.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-keycat-0:8.0p1-13.el8.ppc64le"
},
"product_reference": "openssh-keycat-0:8.0p1-13.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-keycat-0:8.0p1-13.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-keycat-0:8.0p1-13.el8.s390x"
},
"product_reference": "openssh-keycat-0:8.0p1-13.el8.s390x",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-keycat-0:8.0p1-13.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-keycat-0:8.0p1-13.el8.x86_64"
},
"product_reference": "openssh-keycat-0:8.0p1-13.el8.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-keycat-debuginfo-0:8.0p1-13.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-keycat-debuginfo-0:8.0p1-13.el8.aarch64"
},
"product_reference": "openssh-keycat-debuginfo-0:8.0p1-13.el8.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-keycat-debuginfo-0:8.0p1-13.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-keycat-debuginfo-0:8.0p1-13.el8.ppc64le"
},
"product_reference": "openssh-keycat-debuginfo-0:8.0p1-13.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-keycat-debuginfo-0:8.0p1-13.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-keycat-debuginfo-0:8.0p1-13.el8.s390x"
},
"product_reference": "openssh-keycat-debuginfo-0:8.0p1-13.el8.s390x",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-keycat-debuginfo-0:8.0p1-13.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-keycat-debuginfo-0:8.0p1-13.el8.x86_64"
},
"product_reference": "openssh-keycat-debuginfo-0:8.0p1-13.el8.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-ldap-0:8.0p1-13.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-ldap-0:8.0p1-13.el8.aarch64"
},
"product_reference": "openssh-ldap-0:8.0p1-13.el8.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-ldap-0:8.0p1-13.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-ldap-0:8.0p1-13.el8.ppc64le"
},
"product_reference": "openssh-ldap-0:8.0p1-13.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-ldap-0:8.0p1-13.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-ldap-0:8.0p1-13.el8.s390x"
},
"product_reference": "openssh-ldap-0:8.0p1-13.el8.s390x",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-ldap-0:8.0p1-13.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-ldap-0:8.0p1-13.el8.x86_64"
},
"product_reference": "openssh-ldap-0:8.0p1-13.el8.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-ldap-debuginfo-0:8.0p1-13.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-ldap-debuginfo-0:8.0p1-13.el8.aarch64"
},
"product_reference": "openssh-ldap-debuginfo-0:8.0p1-13.el8.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-ldap-debuginfo-0:8.0p1-13.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-ldap-debuginfo-0:8.0p1-13.el8.ppc64le"
},
"product_reference": "openssh-ldap-debuginfo-0:8.0p1-13.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-ldap-debuginfo-0:8.0p1-13.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-ldap-debuginfo-0:8.0p1-13.el8.s390x"
},
"product_reference": "openssh-ldap-debuginfo-0:8.0p1-13.el8.s390x",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-ldap-debuginfo-0:8.0p1-13.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-ldap-debuginfo-0:8.0p1-13.el8.x86_64"
},
"product_reference": "openssh-ldap-debuginfo-0:8.0p1-13.el8.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:8.0p1-13.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-server-0:8.0p1-13.el8.aarch64"
},
"product_reference": "openssh-server-0:8.0p1-13.el8.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:8.0p1-13.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-server-0:8.0p1-13.el8.ppc64le"
},
"product_reference": "openssh-server-0:8.0p1-13.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:8.0p1-13.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-server-0:8.0p1-13.el8.s390x"
},
"product_reference": "openssh-server-0:8.0p1-13.el8.s390x",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:8.0p1-13.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-server-0:8.0p1-13.el8.x86_64"
},
"product_reference": "openssh-server-0:8.0p1-13.el8.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-debuginfo-0:8.0p1-13.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-server-debuginfo-0:8.0p1-13.el8.aarch64"
},
"product_reference": "openssh-server-debuginfo-0:8.0p1-13.el8.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-debuginfo-0:8.0p1-13.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-server-debuginfo-0:8.0p1-13.el8.ppc64le"
},
"product_reference": "openssh-server-debuginfo-0:8.0p1-13.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-debuginfo-0:8.0p1-13.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-server-debuginfo-0:8.0p1-13.el8.s390x"
},
"product_reference": "openssh-server-debuginfo-0:8.0p1-13.el8.s390x",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-debuginfo-0:8.0p1-13.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:openssh-server-debuginfo-0:8.0p1-13.el8.x86_64"
},
"product_reference": "openssh-server-debuginfo-0:8.0p1-13.el8.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-0:0.10.3-7.13.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:pam_ssh_agent_auth-0:0.10.3-7.13.el8.aarch64"
},
"product_reference": "pam_ssh_agent_auth-0:0.10.3-7.13.el8.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-0:0.10.3-7.13.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:pam_ssh_agent_auth-0:0.10.3-7.13.el8.ppc64le"
},
"product_reference": "pam_ssh_agent_auth-0:0.10.3-7.13.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-0:0.10.3-7.13.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:pam_ssh_agent_auth-0:0.10.3-7.13.el8.s390x"
},
"product_reference": "pam_ssh_agent_auth-0:0.10.3-7.13.el8.s390x",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-0:0.10.3-7.13.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:pam_ssh_agent_auth-0:0.10.3-7.13.el8.x86_64"
},
"product_reference": "pam_ssh_agent_auth-0:0.10.3-7.13.el8.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.aarch64"
},
"product_reference": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.ppc64le"
},
"product_reference": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.s390x"
},
"product_reference": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.s390x",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.x86_64"
},
"product_reference": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:8.0p1-13.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-0:8.0p1-13.el8.aarch64"
},
"product_reference": "openssh-0:8.0p1-13.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:8.0p1-13.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-0:8.0p1-13.el8.ppc64le"
},
"product_reference": "openssh-0:8.0p1-13.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:8.0p1-13.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-0:8.0p1-13.el8.s390x"
},
"product_reference": "openssh-0:8.0p1-13.el8.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:8.0p1-13.el8.src as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-0:8.0p1-13.el8.src"
},
"product_reference": "openssh-0:8.0p1-13.el8.src",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:8.0p1-13.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-0:8.0p1-13.el8.x86_64"
},
"product_reference": "openssh-0:8.0p1-13.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:8.0p1-13.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-askpass-0:8.0p1-13.el8.aarch64"
},
"product_reference": "openssh-askpass-0:8.0p1-13.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:8.0p1-13.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-askpass-0:8.0p1-13.el8.ppc64le"
},
"product_reference": "openssh-askpass-0:8.0p1-13.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:8.0p1-13.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-askpass-0:8.0p1-13.el8.s390x"
},
"product_reference": "openssh-askpass-0:8.0p1-13.el8.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:8.0p1-13.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-askpass-0:8.0p1-13.el8.x86_64"
},
"product_reference": "openssh-askpass-0:8.0p1-13.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-debuginfo-0:8.0p1-13.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-askpass-debuginfo-0:8.0p1-13.el8.aarch64"
},
"product_reference": "openssh-askpass-debuginfo-0:8.0p1-13.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-debuginfo-0:8.0p1-13.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-askpass-debuginfo-0:8.0p1-13.el8.ppc64le"
},
"product_reference": "openssh-askpass-debuginfo-0:8.0p1-13.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-debuginfo-0:8.0p1-13.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-askpass-debuginfo-0:8.0p1-13.el8.s390x"
},
"product_reference": "openssh-askpass-debuginfo-0:8.0p1-13.el8.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-debuginfo-0:8.0p1-13.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-askpass-debuginfo-0:8.0p1-13.el8.x86_64"
},
"product_reference": "openssh-askpass-debuginfo-0:8.0p1-13.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-0:8.0p1-13.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-cavs-0:8.0p1-13.el8.aarch64"
},
"product_reference": "openssh-cavs-0:8.0p1-13.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-0:8.0p1-13.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-cavs-0:8.0p1-13.el8.ppc64le"
},
"product_reference": "openssh-cavs-0:8.0p1-13.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-0:8.0p1-13.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-cavs-0:8.0p1-13.el8.s390x"
},
"product_reference": "openssh-cavs-0:8.0p1-13.el8.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-0:8.0p1-13.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-cavs-0:8.0p1-13.el8.x86_64"
},
"product_reference": "openssh-cavs-0:8.0p1-13.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-debuginfo-0:8.0p1-13.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-cavs-debuginfo-0:8.0p1-13.el8.aarch64"
},
"product_reference": "openssh-cavs-debuginfo-0:8.0p1-13.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-debuginfo-0:8.0p1-13.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-cavs-debuginfo-0:8.0p1-13.el8.ppc64le"
},
"product_reference": "openssh-cavs-debuginfo-0:8.0p1-13.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-debuginfo-0:8.0p1-13.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-cavs-debuginfo-0:8.0p1-13.el8.s390x"
},
"product_reference": "openssh-cavs-debuginfo-0:8.0p1-13.el8.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-debuginfo-0:8.0p1-13.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-cavs-debuginfo-0:8.0p1-13.el8.x86_64"
},
"product_reference": "openssh-cavs-debuginfo-0:8.0p1-13.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:8.0p1-13.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-clients-0:8.0p1-13.el8.aarch64"
},
"product_reference": "openssh-clients-0:8.0p1-13.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:8.0p1-13.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-clients-0:8.0p1-13.el8.ppc64le"
},
"product_reference": "openssh-clients-0:8.0p1-13.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:8.0p1-13.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-clients-0:8.0p1-13.el8.s390x"
},
"product_reference": "openssh-clients-0:8.0p1-13.el8.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:8.0p1-13.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-clients-0:8.0p1-13.el8.x86_64"
},
"product_reference": "openssh-clients-0:8.0p1-13.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-debuginfo-0:8.0p1-13.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-clients-debuginfo-0:8.0p1-13.el8.aarch64"
},
"product_reference": "openssh-clients-debuginfo-0:8.0p1-13.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-debuginfo-0:8.0p1-13.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-clients-debuginfo-0:8.0p1-13.el8.ppc64le"
},
"product_reference": "openssh-clients-debuginfo-0:8.0p1-13.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-debuginfo-0:8.0p1-13.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-clients-debuginfo-0:8.0p1-13.el8.s390x"
},
"product_reference": "openssh-clients-debuginfo-0:8.0p1-13.el8.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-debuginfo-0:8.0p1-13.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-clients-debuginfo-0:8.0p1-13.el8.x86_64"
},
"product_reference": "openssh-clients-debuginfo-0:8.0p1-13.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:8.0p1-13.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-debuginfo-0:8.0p1-13.el8.aarch64"
},
"product_reference": "openssh-debuginfo-0:8.0p1-13.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:8.0p1-13.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-debuginfo-0:8.0p1-13.el8.ppc64le"
},
"product_reference": "openssh-debuginfo-0:8.0p1-13.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:8.0p1-13.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-debuginfo-0:8.0p1-13.el8.s390x"
},
"product_reference": "openssh-debuginfo-0:8.0p1-13.el8.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:8.0p1-13.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-debuginfo-0:8.0p1-13.el8.x86_64"
},
"product_reference": "openssh-debuginfo-0:8.0p1-13.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debugsource-0:8.0p1-13.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-debugsource-0:8.0p1-13.el8.aarch64"
},
"product_reference": "openssh-debugsource-0:8.0p1-13.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debugsource-0:8.0p1-13.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-debugsource-0:8.0p1-13.el8.ppc64le"
},
"product_reference": "openssh-debugsource-0:8.0p1-13.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debugsource-0:8.0p1-13.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-debugsource-0:8.0p1-13.el8.s390x"
},
"product_reference": "openssh-debugsource-0:8.0p1-13.el8.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debugsource-0:8.0p1-13.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-debugsource-0:8.0p1-13.el8.x86_64"
},
"product_reference": "openssh-debugsource-0:8.0p1-13.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-keycat-0:8.0p1-13.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-keycat-0:8.0p1-13.el8.aarch64"
},
"product_reference": "openssh-keycat-0:8.0p1-13.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-keycat-0:8.0p1-13.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-keycat-0:8.0p1-13.el8.ppc64le"
},
"product_reference": "openssh-keycat-0:8.0p1-13.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-keycat-0:8.0p1-13.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-keycat-0:8.0p1-13.el8.s390x"
},
"product_reference": "openssh-keycat-0:8.0p1-13.el8.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-keycat-0:8.0p1-13.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-keycat-0:8.0p1-13.el8.x86_64"
},
"product_reference": "openssh-keycat-0:8.0p1-13.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-keycat-debuginfo-0:8.0p1-13.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-keycat-debuginfo-0:8.0p1-13.el8.aarch64"
},
"product_reference": "openssh-keycat-debuginfo-0:8.0p1-13.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-keycat-debuginfo-0:8.0p1-13.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-keycat-debuginfo-0:8.0p1-13.el8.ppc64le"
},
"product_reference": "openssh-keycat-debuginfo-0:8.0p1-13.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-keycat-debuginfo-0:8.0p1-13.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-keycat-debuginfo-0:8.0p1-13.el8.s390x"
},
"product_reference": "openssh-keycat-debuginfo-0:8.0p1-13.el8.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-keycat-debuginfo-0:8.0p1-13.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-keycat-debuginfo-0:8.0p1-13.el8.x86_64"
},
"product_reference": "openssh-keycat-debuginfo-0:8.0p1-13.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-ldap-0:8.0p1-13.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-ldap-0:8.0p1-13.el8.aarch64"
},
"product_reference": "openssh-ldap-0:8.0p1-13.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-ldap-0:8.0p1-13.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-ldap-0:8.0p1-13.el8.ppc64le"
},
"product_reference": "openssh-ldap-0:8.0p1-13.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-ldap-0:8.0p1-13.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-ldap-0:8.0p1-13.el8.s390x"
},
"product_reference": "openssh-ldap-0:8.0p1-13.el8.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-ldap-0:8.0p1-13.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-ldap-0:8.0p1-13.el8.x86_64"
},
"product_reference": "openssh-ldap-0:8.0p1-13.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-ldap-debuginfo-0:8.0p1-13.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-ldap-debuginfo-0:8.0p1-13.el8.aarch64"
},
"product_reference": "openssh-ldap-debuginfo-0:8.0p1-13.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-ldap-debuginfo-0:8.0p1-13.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-ldap-debuginfo-0:8.0p1-13.el8.ppc64le"
},
"product_reference": "openssh-ldap-debuginfo-0:8.0p1-13.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-ldap-debuginfo-0:8.0p1-13.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-ldap-debuginfo-0:8.0p1-13.el8.s390x"
},
"product_reference": "openssh-ldap-debuginfo-0:8.0p1-13.el8.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-ldap-debuginfo-0:8.0p1-13.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-ldap-debuginfo-0:8.0p1-13.el8.x86_64"
},
"product_reference": "openssh-ldap-debuginfo-0:8.0p1-13.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:8.0p1-13.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-server-0:8.0p1-13.el8.aarch64"
},
"product_reference": "openssh-server-0:8.0p1-13.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:8.0p1-13.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-server-0:8.0p1-13.el8.ppc64le"
},
"product_reference": "openssh-server-0:8.0p1-13.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:8.0p1-13.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-server-0:8.0p1-13.el8.s390x"
},
"product_reference": "openssh-server-0:8.0p1-13.el8.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:8.0p1-13.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-server-0:8.0p1-13.el8.x86_64"
},
"product_reference": "openssh-server-0:8.0p1-13.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-debuginfo-0:8.0p1-13.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-server-debuginfo-0:8.0p1-13.el8.aarch64"
},
"product_reference": "openssh-server-debuginfo-0:8.0p1-13.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-debuginfo-0:8.0p1-13.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-server-debuginfo-0:8.0p1-13.el8.ppc64le"
},
"product_reference": "openssh-server-debuginfo-0:8.0p1-13.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-debuginfo-0:8.0p1-13.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-server-debuginfo-0:8.0p1-13.el8.s390x"
},
"product_reference": "openssh-server-debuginfo-0:8.0p1-13.el8.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-debuginfo-0:8.0p1-13.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:openssh-server-debuginfo-0:8.0p1-13.el8.x86_64"
},
"product_reference": "openssh-server-debuginfo-0:8.0p1-13.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-0:0.10.3-7.13.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:pam_ssh_agent_auth-0:0.10.3-7.13.el8.aarch64"
},
"product_reference": "pam_ssh_agent_auth-0:0.10.3-7.13.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-0:0.10.3-7.13.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:pam_ssh_agent_auth-0:0.10.3-7.13.el8.ppc64le"
},
"product_reference": "pam_ssh_agent_auth-0:0.10.3-7.13.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-0:0.10.3-7.13.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:pam_ssh_agent_auth-0:0.10.3-7.13.el8.s390x"
},
"product_reference": "pam_ssh_agent_auth-0:0.10.3-7.13.el8.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-0:0.10.3-7.13.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:pam_ssh_agent_auth-0:0.10.3-7.13.el8.x86_64"
},
"product_reference": "pam_ssh_agent_auth-0:0.10.3-7.13.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.aarch64"
},
"product_reference": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.ppc64le"
},
"product_reference": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.s390x"
},
"product_reference": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.x86_64"
},
"product_reference": "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-41617",
"cwe": {
"id": "CWE-273",
"name": "Improper Check for Dropped Privileges"
},
"discovery_date": "2021-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2008291"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSH. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user. Depending on system configuration, inherited groups may allow AuthorizedKeysCommand/AuthorizedPrincipalsCommand helper programs to gain unintended privileges, potentially leading to local privilege escalation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssh: privilege escalation when AuthorizedKeysCommand or AuthorizedPrincipalsCommand are configured",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Neither the `AuthorizedKeysCommand` directive nor `AuthorizedPrincipalsCommand` are enabled by default in the versions of OpenSSH as shipped with Red Hat Enterprise Linux 7 and 8.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.6.0.GA:openssh-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-0:8.0p1-13.el8.src",
"AppStream-8.6.0.GA:openssh-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:openssh-askpass-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-askpass-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-askpass-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-askpass-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:openssh-askpass-debuginfo-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-askpass-debuginfo-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-askpass-debuginfo-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-askpass-debuginfo-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:openssh-cavs-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-cavs-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-cavs-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-cavs-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:openssh-cavs-debuginfo-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-cavs-debuginfo-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-cavs-debuginfo-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-cavs-debuginfo-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:openssh-clients-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-clients-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-clients-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-clients-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:openssh-clients-debuginfo-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-clients-debuginfo-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-clients-debuginfo-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-clients-debuginfo-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:openssh-debuginfo-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-debuginfo-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-debuginfo-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-debuginfo-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:openssh-debugsource-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-debugsource-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-debugsource-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-debugsource-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:openssh-keycat-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-keycat-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-keycat-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-keycat-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:openssh-keycat-debuginfo-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-keycat-debuginfo-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-keycat-debuginfo-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-keycat-debuginfo-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:openssh-ldap-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-ldap-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-ldap-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-ldap-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:openssh-ldap-debuginfo-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-ldap-debuginfo-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-ldap-debuginfo-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-ldap-debuginfo-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:openssh-server-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-server-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-server-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-server-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:openssh-server-debuginfo-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-server-debuginfo-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-server-debuginfo-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-server-debuginfo-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:pam_ssh_agent_auth-0:0.10.3-7.13.el8.aarch64",
"AppStream-8.6.0.GA:pam_ssh_agent_auth-0:0.10.3-7.13.el8.ppc64le",
"AppStream-8.6.0.GA:pam_ssh_agent_auth-0:0.10.3-7.13.el8.s390x",
"AppStream-8.6.0.GA:pam_ssh_agent_auth-0:0.10.3-7.13.el8.x86_64",
"AppStream-8.6.0.GA:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.aarch64",
"AppStream-8.6.0.GA:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.ppc64le",
"AppStream-8.6.0.GA:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.s390x",
"AppStream-8.6.0.GA:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-0:8.0p1-13.el8.src",
"BaseOS-8.6.0.GA:openssh-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-askpass-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-askpass-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-askpass-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-askpass-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-askpass-debuginfo-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-askpass-debuginfo-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-askpass-debuginfo-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-askpass-debuginfo-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-cavs-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-cavs-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-cavs-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-cavs-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-cavs-debuginfo-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-cavs-debuginfo-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-cavs-debuginfo-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-cavs-debuginfo-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-clients-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-clients-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-clients-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-clients-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-clients-debuginfo-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-clients-debuginfo-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-clients-debuginfo-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-clients-debuginfo-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-debuginfo-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-debuginfo-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-debuginfo-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-debuginfo-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-debugsource-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-debugsource-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-debugsource-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-debugsource-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-keycat-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-keycat-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-keycat-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-keycat-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-keycat-debuginfo-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-keycat-debuginfo-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-keycat-debuginfo-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-keycat-debuginfo-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-ldap-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-ldap-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-ldap-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-ldap-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-ldap-debuginfo-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-ldap-debuginfo-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-ldap-debuginfo-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-ldap-debuginfo-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-server-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-server-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-server-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-server-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-server-debuginfo-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-server-debuginfo-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-server-debuginfo-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-server-debuginfo-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:pam_ssh_agent_auth-0:0.10.3-7.13.el8.aarch64",
"BaseOS-8.6.0.GA:pam_ssh_agent_auth-0:0.10.3-7.13.el8.ppc64le",
"BaseOS-8.6.0.GA:pam_ssh_agent_auth-0:0.10.3-7.13.el8.s390x",
"BaseOS-8.6.0.GA:pam_ssh_agent_auth-0:0.10.3-7.13.el8.x86_64",
"BaseOS-8.6.0.GA:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.aarch64",
"BaseOS-8.6.0.GA:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.ppc64le",
"BaseOS-8.6.0.GA:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.s390x",
"BaseOS-8.6.0.GA:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-41617"
},
{
"category": "external",
"summary": "RHBZ#2008291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2008291"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-41617",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41617"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-41617",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41617"
},
{
"category": "external",
"summary": "https://www.openssh.com/txt/release-8.8",
"url": "https://www.openssh.com/txt/release-8.8"
}
],
"release_date": "2021-09-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T14:26:50+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the OpenSSH server daemon (sshd) will be restarted automatically.",
"product_ids": [
"AppStream-8.6.0.GA:openssh-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-0:8.0p1-13.el8.src",
"AppStream-8.6.0.GA:openssh-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:openssh-askpass-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-askpass-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-askpass-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-askpass-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:openssh-askpass-debuginfo-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-askpass-debuginfo-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-askpass-debuginfo-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-askpass-debuginfo-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:openssh-cavs-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-cavs-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-cavs-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-cavs-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:openssh-cavs-debuginfo-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-cavs-debuginfo-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-cavs-debuginfo-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-cavs-debuginfo-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:openssh-clients-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-clients-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-clients-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-clients-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:openssh-clients-debuginfo-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-clients-debuginfo-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-clients-debuginfo-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-clients-debuginfo-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:openssh-debuginfo-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-debuginfo-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-debuginfo-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-debuginfo-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:openssh-debugsource-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-debugsource-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-debugsource-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-debugsource-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:openssh-keycat-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-keycat-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-keycat-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-keycat-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:openssh-keycat-debuginfo-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-keycat-debuginfo-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-keycat-debuginfo-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-keycat-debuginfo-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:openssh-ldap-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-ldap-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-ldap-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-ldap-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:openssh-ldap-debuginfo-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-ldap-debuginfo-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-ldap-debuginfo-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-ldap-debuginfo-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:openssh-server-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-server-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-server-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-server-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:openssh-server-debuginfo-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-server-debuginfo-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-server-debuginfo-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-server-debuginfo-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:pam_ssh_agent_auth-0:0.10.3-7.13.el8.aarch64",
"AppStream-8.6.0.GA:pam_ssh_agent_auth-0:0.10.3-7.13.el8.ppc64le",
"AppStream-8.6.0.GA:pam_ssh_agent_auth-0:0.10.3-7.13.el8.s390x",
"AppStream-8.6.0.GA:pam_ssh_agent_auth-0:0.10.3-7.13.el8.x86_64",
"AppStream-8.6.0.GA:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.aarch64",
"AppStream-8.6.0.GA:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.ppc64le",
"AppStream-8.6.0.GA:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.s390x",
"AppStream-8.6.0.GA:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-0:8.0p1-13.el8.src",
"BaseOS-8.6.0.GA:openssh-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-askpass-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-askpass-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-askpass-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-askpass-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-askpass-debuginfo-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-askpass-debuginfo-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-askpass-debuginfo-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-askpass-debuginfo-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-cavs-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-cavs-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-cavs-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-cavs-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-cavs-debuginfo-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-cavs-debuginfo-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-cavs-debuginfo-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-cavs-debuginfo-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-clients-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-clients-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-clients-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-clients-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-clients-debuginfo-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-clients-debuginfo-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-clients-debuginfo-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-clients-debuginfo-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-debuginfo-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-debuginfo-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-debuginfo-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-debuginfo-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-debugsource-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-debugsource-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-debugsource-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-debugsource-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-keycat-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-keycat-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-keycat-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-keycat-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-keycat-debuginfo-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-keycat-debuginfo-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-keycat-debuginfo-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-keycat-debuginfo-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-ldap-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-ldap-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-ldap-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-ldap-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-ldap-debuginfo-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-ldap-debuginfo-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-ldap-debuginfo-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-ldap-debuginfo-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-server-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-server-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-server-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-server-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-server-debuginfo-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-server-debuginfo-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-server-debuginfo-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-server-debuginfo-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:pam_ssh_agent_auth-0:0.10.3-7.13.el8.aarch64",
"BaseOS-8.6.0.GA:pam_ssh_agent_auth-0:0.10.3-7.13.el8.ppc64le",
"BaseOS-8.6.0.GA:pam_ssh_agent_auth-0:0.10.3-7.13.el8.s390x",
"BaseOS-8.6.0.GA:pam_ssh_agent_auth-0:0.10.3-7.13.el8.x86_64",
"BaseOS-8.6.0.GA:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.aarch64",
"BaseOS-8.6.0.GA:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.ppc64le",
"BaseOS-8.6.0.GA:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.s390x",
"BaseOS-8.6.0.GA:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:2013"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.6.0.GA:openssh-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-0:8.0p1-13.el8.src",
"AppStream-8.6.0.GA:openssh-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:openssh-askpass-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-askpass-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-askpass-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-askpass-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:openssh-askpass-debuginfo-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-askpass-debuginfo-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-askpass-debuginfo-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-askpass-debuginfo-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:openssh-cavs-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-cavs-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-cavs-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-cavs-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:openssh-cavs-debuginfo-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-cavs-debuginfo-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-cavs-debuginfo-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-cavs-debuginfo-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:openssh-clients-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-clients-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-clients-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-clients-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:openssh-clients-debuginfo-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-clients-debuginfo-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-clients-debuginfo-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-clients-debuginfo-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:openssh-debuginfo-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-debuginfo-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-debuginfo-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-debuginfo-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:openssh-debugsource-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-debugsource-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-debugsource-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-debugsource-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:openssh-keycat-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-keycat-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-keycat-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-keycat-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:openssh-keycat-debuginfo-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-keycat-debuginfo-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-keycat-debuginfo-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-keycat-debuginfo-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:openssh-ldap-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-ldap-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-ldap-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-ldap-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:openssh-ldap-debuginfo-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-ldap-debuginfo-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-ldap-debuginfo-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-ldap-debuginfo-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:openssh-server-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-server-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-server-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-server-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:openssh-server-debuginfo-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-server-debuginfo-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-server-debuginfo-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-server-debuginfo-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:pam_ssh_agent_auth-0:0.10.3-7.13.el8.aarch64",
"AppStream-8.6.0.GA:pam_ssh_agent_auth-0:0.10.3-7.13.el8.ppc64le",
"AppStream-8.6.0.GA:pam_ssh_agent_auth-0:0.10.3-7.13.el8.s390x",
"AppStream-8.6.0.GA:pam_ssh_agent_auth-0:0.10.3-7.13.el8.x86_64",
"AppStream-8.6.0.GA:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.aarch64",
"AppStream-8.6.0.GA:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.ppc64le",
"AppStream-8.6.0.GA:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.s390x",
"AppStream-8.6.0.GA:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-0:8.0p1-13.el8.src",
"BaseOS-8.6.0.GA:openssh-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-askpass-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-askpass-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-askpass-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-askpass-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-askpass-debuginfo-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-askpass-debuginfo-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-askpass-debuginfo-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-askpass-debuginfo-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-cavs-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-cavs-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-cavs-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-cavs-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-cavs-debuginfo-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-cavs-debuginfo-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-cavs-debuginfo-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-cavs-debuginfo-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-clients-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-clients-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-clients-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-clients-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-clients-debuginfo-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-clients-debuginfo-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-clients-debuginfo-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-clients-debuginfo-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-debuginfo-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-debuginfo-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-debuginfo-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-debuginfo-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-debugsource-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-debugsource-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-debugsource-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-debugsource-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-keycat-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-keycat-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-keycat-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-keycat-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-keycat-debuginfo-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-keycat-debuginfo-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-keycat-debuginfo-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-keycat-debuginfo-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-ldap-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-ldap-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-ldap-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-ldap-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-ldap-debuginfo-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-ldap-debuginfo-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-ldap-debuginfo-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-ldap-debuginfo-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-server-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-server-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-server-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-server-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-server-debuginfo-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-server-debuginfo-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-server-debuginfo-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-server-debuginfo-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:pam_ssh_agent_auth-0:0.10.3-7.13.el8.aarch64",
"BaseOS-8.6.0.GA:pam_ssh_agent_auth-0:0.10.3-7.13.el8.ppc64le",
"BaseOS-8.6.0.GA:pam_ssh_agent_auth-0:0.10.3-7.13.el8.s390x",
"BaseOS-8.6.0.GA:pam_ssh_agent_auth-0:0.10.3-7.13.el8.x86_64",
"BaseOS-8.6.0.GA:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.aarch64",
"BaseOS-8.6.0.GA:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.ppc64le",
"BaseOS-8.6.0.GA:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.s390x",
"BaseOS-8.6.0.GA:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.6.0.GA:openssh-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-0:8.0p1-13.el8.src",
"AppStream-8.6.0.GA:openssh-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:openssh-askpass-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-askpass-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-askpass-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-askpass-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:openssh-askpass-debuginfo-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-askpass-debuginfo-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-askpass-debuginfo-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-askpass-debuginfo-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:openssh-cavs-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-cavs-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-cavs-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-cavs-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:openssh-cavs-debuginfo-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-cavs-debuginfo-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-cavs-debuginfo-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-cavs-debuginfo-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:openssh-clients-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-clients-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-clients-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-clients-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:openssh-clients-debuginfo-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-clients-debuginfo-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-clients-debuginfo-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-clients-debuginfo-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:openssh-debuginfo-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-debuginfo-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-debuginfo-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-debuginfo-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:openssh-debugsource-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-debugsource-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-debugsource-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-debugsource-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:openssh-keycat-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-keycat-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-keycat-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-keycat-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:openssh-keycat-debuginfo-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-keycat-debuginfo-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-keycat-debuginfo-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-keycat-debuginfo-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:openssh-ldap-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-ldap-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-ldap-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-ldap-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:openssh-ldap-debuginfo-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-ldap-debuginfo-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-ldap-debuginfo-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-ldap-debuginfo-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:openssh-server-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-server-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-server-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-server-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:openssh-server-debuginfo-0:8.0p1-13.el8.aarch64",
"AppStream-8.6.0.GA:openssh-server-debuginfo-0:8.0p1-13.el8.ppc64le",
"AppStream-8.6.0.GA:openssh-server-debuginfo-0:8.0p1-13.el8.s390x",
"AppStream-8.6.0.GA:openssh-server-debuginfo-0:8.0p1-13.el8.x86_64",
"AppStream-8.6.0.GA:pam_ssh_agent_auth-0:0.10.3-7.13.el8.aarch64",
"AppStream-8.6.0.GA:pam_ssh_agent_auth-0:0.10.3-7.13.el8.ppc64le",
"AppStream-8.6.0.GA:pam_ssh_agent_auth-0:0.10.3-7.13.el8.s390x",
"AppStream-8.6.0.GA:pam_ssh_agent_auth-0:0.10.3-7.13.el8.x86_64",
"AppStream-8.6.0.GA:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.aarch64",
"AppStream-8.6.0.GA:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.ppc64le",
"AppStream-8.6.0.GA:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.s390x",
"AppStream-8.6.0.GA:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-0:8.0p1-13.el8.src",
"BaseOS-8.6.0.GA:openssh-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-askpass-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-askpass-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-askpass-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-askpass-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-askpass-debuginfo-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-askpass-debuginfo-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-askpass-debuginfo-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-askpass-debuginfo-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-cavs-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-cavs-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-cavs-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-cavs-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-cavs-debuginfo-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-cavs-debuginfo-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-cavs-debuginfo-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-cavs-debuginfo-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-clients-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-clients-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-clients-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-clients-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-clients-debuginfo-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-clients-debuginfo-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-clients-debuginfo-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-clients-debuginfo-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-debuginfo-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-debuginfo-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-debuginfo-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-debuginfo-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-debugsource-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-debugsource-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-debugsource-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-debugsource-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-keycat-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-keycat-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-keycat-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-keycat-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-keycat-debuginfo-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-keycat-debuginfo-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-keycat-debuginfo-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-keycat-debuginfo-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-ldap-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-ldap-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-ldap-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-ldap-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-ldap-debuginfo-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-ldap-debuginfo-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-ldap-debuginfo-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-ldap-debuginfo-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-server-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-server-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-server-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-server-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:openssh-server-debuginfo-0:8.0p1-13.el8.aarch64",
"BaseOS-8.6.0.GA:openssh-server-debuginfo-0:8.0p1-13.el8.ppc64le",
"BaseOS-8.6.0.GA:openssh-server-debuginfo-0:8.0p1-13.el8.s390x",
"BaseOS-8.6.0.GA:openssh-server-debuginfo-0:8.0p1-13.el8.x86_64",
"BaseOS-8.6.0.GA:pam_ssh_agent_auth-0:0.10.3-7.13.el8.aarch64",
"BaseOS-8.6.0.GA:pam_ssh_agent_auth-0:0.10.3-7.13.el8.ppc64le",
"BaseOS-8.6.0.GA:pam_ssh_agent_auth-0:0.10.3-7.13.el8.s390x",
"BaseOS-8.6.0.GA:pam_ssh_agent_auth-0:0.10.3-7.13.el8.x86_64",
"BaseOS-8.6.0.GA:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.aarch64",
"BaseOS-8.6.0.GA:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.ppc64le",
"BaseOS-8.6.0.GA:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.s390x",
"BaseOS-8.6.0.GA:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.13.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssh: privilege escalation when AuthorizedKeysCommand or AuthorizedPrincipalsCommand are configured"
}
]
}
RHSA-2021:4782
Vulnerability from csaf_redhat - Published: 2021-11-23 17:42 - Updated: 2025-11-21 18:27Summary
Red Hat Security Advisory: openssh security update
Notes
Topic
An update for openssh is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server.
Security Fix(es):
* openssh: privilege escalation when AuthorizedKeysCommand or AuthorizedPrincipalsCommand are configured (CVE-2021-41617)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for openssh is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server.\n\nSecurity Fix(es):\n\n* openssh: privilege escalation when AuthorizedKeysCommand or AuthorizedPrincipalsCommand are configured (CVE-2021-41617)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:4782",
"url": "https://access.redhat.com/errata/RHSA-2021:4782"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1999263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999263"
},
{
"category": "external",
"summary": "2008291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2008291"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_4782.json"
}
],
"title": "Red Hat Security Advisory: openssh security update",
"tracking": {
"current_release_date": "2025-11-21T18:27:00+00:00",
"generator": {
"date": "2025-11-21T18:27:00+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2021:4782",
"initial_release_date": "2021-11-23T17:42:27+00:00",
"revision_history": [
{
"date": "2021-11-23T17:42:27+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-11-23T17:42:27+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:27:00+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Client (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Client Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-0:7.4p1-22.el7_9.src",
"product": {
"name": "openssh-0:7.4p1-22.el7_9.src",
"product_id": "openssh-0:7.4p1-22.el7_9.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh@7.4p1-22.el7_9?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-0:7.4p1-22.el7_9.x86_64",
"product": {
"name": "openssh-0:7.4p1-22.el7_9.x86_64",
"product_id": "openssh-0:7.4p1-22.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh@7.4p1-22.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openssh-askpass-0:7.4p1-22.el7_9.x86_64",
"product": {
"name": "openssh-askpass-0:7.4p1-22.el7_9.x86_64",
"product_id": "openssh-askpass-0:7.4p1-22.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-askpass@7.4p1-22.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openssh-clients-0:7.4p1-22.el7_9.x86_64",
"product": {
"name": "openssh-clients-0:7.4p1-22.el7_9.x86_64",
"product_id": "openssh-clients-0:7.4p1-22.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-clients@7.4p1-22.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openssh-keycat-0:7.4p1-22.el7_9.x86_64",
"product": {
"name": "openssh-keycat-0:7.4p1-22.el7_9.x86_64",
"product_id": "openssh-keycat-0:7.4p1-22.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-keycat@7.4p1-22.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openssh-server-0:7.4p1-22.el7_9.x86_64",
"product": {
"name": "openssh-server-0:7.4p1-22.el7_9.x86_64",
"product_id": "openssh-server-0:7.4p1-22.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-server@7.4p1-22.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.x86_64",
"product": {
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.x86_64",
"product_id": "openssh-debuginfo-0:7.4p1-22.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-debuginfo@7.4p1-22.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openssh-cavs-0:7.4p1-22.el7_9.x86_64",
"product": {
"name": "openssh-cavs-0:7.4p1-22.el7_9.x86_64",
"product_id": "openssh-cavs-0:7.4p1-22.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-cavs@7.4p1-22.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openssh-ldap-0:7.4p1-22.el7_9.x86_64",
"product": {
"name": "openssh-ldap-0:7.4p1-22.el7_9.x86_64",
"product_id": "openssh-ldap-0:7.4p1-22.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-ldap@7.4p1-22.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openssh-server-sysvinit-0:7.4p1-22.el7_9.x86_64",
"product": {
"name": "openssh-server-sysvinit-0:7.4p1-22.el7_9.x86_64",
"product_id": "openssh-server-sysvinit-0:7.4p1-22.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-server-sysvinit@7.4p1-22.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.x86_64",
"product": {
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.x86_64",
"product_id": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam_ssh_agent_auth@0.10.3-2.22.el7_9?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.i686",
"product": {
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.i686",
"product_id": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam_ssh_agent_auth@0.10.3-2.22.el7_9?arch=i686"
}
}
},
{
"category": "product_version",
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.i686",
"product": {
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.i686",
"product_id": "openssh-debuginfo-0:7.4p1-22.el7_9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-debuginfo@7.4p1-22.el7_9?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-0:7.4p1-22.el7_9.ppc64le",
"product": {
"name": "openssh-0:7.4p1-22.el7_9.ppc64le",
"product_id": "openssh-0:7.4p1-22.el7_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh@7.4p1-22.el7_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "openssh-askpass-0:7.4p1-22.el7_9.ppc64le",
"product": {
"name": "openssh-askpass-0:7.4p1-22.el7_9.ppc64le",
"product_id": "openssh-askpass-0:7.4p1-22.el7_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-askpass@7.4p1-22.el7_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "openssh-clients-0:7.4p1-22.el7_9.ppc64le",
"product": {
"name": "openssh-clients-0:7.4p1-22.el7_9.ppc64le",
"product_id": "openssh-clients-0:7.4p1-22.el7_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-clients@7.4p1-22.el7_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "openssh-keycat-0:7.4p1-22.el7_9.ppc64le",
"product": {
"name": "openssh-keycat-0:7.4p1-22.el7_9.ppc64le",
"product_id": "openssh-keycat-0:7.4p1-22.el7_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-keycat@7.4p1-22.el7_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "openssh-server-0:7.4p1-22.el7_9.ppc64le",
"product": {
"name": "openssh-server-0:7.4p1-22.el7_9.ppc64le",
"product_id": "openssh-server-0:7.4p1-22.el7_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-server@7.4p1-22.el7_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.ppc64le",
"product": {
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.ppc64le",
"product_id": "openssh-debuginfo-0:7.4p1-22.el7_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-debuginfo@7.4p1-22.el7_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "openssh-cavs-0:7.4p1-22.el7_9.ppc64le",
"product": {
"name": "openssh-cavs-0:7.4p1-22.el7_9.ppc64le",
"product_id": "openssh-cavs-0:7.4p1-22.el7_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-cavs@7.4p1-22.el7_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "openssh-ldap-0:7.4p1-22.el7_9.ppc64le",
"product": {
"name": "openssh-ldap-0:7.4p1-22.el7_9.ppc64le",
"product_id": "openssh-ldap-0:7.4p1-22.el7_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-ldap@7.4p1-22.el7_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64le",
"product": {
"name": "openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64le",
"product_id": "openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-server-sysvinit@7.4p1-22.el7_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64le",
"product": {
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64le",
"product_id": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam_ssh_agent_auth@0.10.3-2.22.el7_9?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-0:7.4p1-22.el7_9.ppc64",
"product": {
"name": "openssh-0:7.4p1-22.el7_9.ppc64",
"product_id": "openssh-0:7.4p1-22.el7_9.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh@7.4p1-22.el7_9?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "openssh-askpass-0:7.4p1-22.el7_9.ppc64",
"product": {
"name": "openssh-askpass-0:7.4p1-22.el7_9.ppc64",
"product_id": "openssh-askpass-0:7.4p1-22.el7_9.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-askpass@7.4p1-22.el7_9?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "openssh-clients-0:7.4p1-22.el7_9.ppc64",
"product": {
"name": "openssh-clients-0:7.4p1-22.el7_9.ppc64",
"product_id": "openssh-clients-0:7.4p1-22.el7_9.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-clients@7.4p1-22.el7_9?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "openssh-keycat-0:7.4p1-22.el7_9.ppc64",
"product": {
"name": "openssh-keycat-0:7.4p1-22.el7_9.ppc64",
"product_id": "openssh-keycat-0:7.4p1-22.el7_9.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-keycat@7.4p1-22.el7_9?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "openssh-server-0:7.4p1-22.el7_9.ppc64",
"product": {
"name": "openssh-server-0:7.4p1-22.el7_9.ppc64",
"product_id": "openssh-server-0:7.4p1-22.el7_9.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-server@7.4p1-22.el7_9?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.ppc64",
"product": {
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.ppc64",
"product_id": "openssh-debuginfo-0:7.4p1-22.el7_9.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-debuginfo@7.4p1-22.el7_9?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "openssh-cavs-0:7.4p1-22.el7_9.ppc64",
"product": {
"name": "openssh-cavs-0:7.4p1-22.el7_9.ppc64",
"product_id": "openssh-cavs-0:7.4p1-22.el7_9.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-cavs@7.4p1-22.el7_9?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "openssh-ldap-0:7.4p1-22.el7_9.ppc64",
"product": {
"name": "openssh-ldap-0:7.4p1-22.el7_9.ppc64",
"product_id": "openssh-ldap-0:7.4p1-22.el7_9.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-ldap@7.4p1-22.el7_9?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64",
"product": {
"name": "openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64",
"product_id": "openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-server-sysvinit@7.4p1-22.el7_9?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64",
"product": {
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64",
"product_id": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam_ssh_agent_auth@0.10.3-2.22.el7_9?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "openssh-0:7.4p1-22.el7_9.s390x",
"product": {
"name": "openssh-0:7.4p1-22.el7_9.s390x",
"product_id": "openssh-0:7.4p1-22.el7_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh@7.4p1-22.el7_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openssh-askpass-0:7.4p1-22.el7_9.s390x",
"product": {
"name": "openssh-askpass-0:7.4p1-22.el7_9.s390x",
"product_id": "openssh-askpass-0:7.4p1-22.el7_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-askpass@7.4p1-22.el7_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openssh-clients-0:7.4p1-22.el7_9.s390x",
"product": {
"name": "openssh-clients-0:7.4p1-22.el7_9.s390x",
"product_id": "openssh-clients-0:7.4p1-22.el7_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-clients@7.4p1-22.el7_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openssh-keycat-0:7.4p1-22.el7_9.s390x",
"product": {
"name": "openssh-keycat-0:7.4p1-22.el7_9.s390x",
"product_id": "openssh-keycat-0:7.4p1-22.el7_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-keycat@7.4p1-22.el7_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openssh-server-0:7.4p1-22.el7_9.s390x",
"product": {
"name": "openssh-server-0:7.4p1-22.el7_9.s390x",
"product_id": "openssh-server-0:7.4p1-22.el7_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-server@7.4p1-22.el7_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.s390x",
"product": {
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.s390x",
"product_id": "openssh-debuginfo-0:7.4p1-22.el7_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-debuginfo@7.4p1-22.el7_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openssh-cavs-0:7.4p1-22.el7_9.s390x",
"product": {
"name": "openssh-cavs-0:7.4p1-22.el7_9.s390x",
"product_id": "openssh-cavs-0:7.4p1-22.el7_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-cavs@7.4p1-22.el7_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openssh-ldap-0:7.4p1-22.el7_9.s390x",
"product": {
"name": "openssh-ldap-0:7.4p1-22.el7_9.s390x",
"product_id": "openssh-ldap-0:7.4p1-22.el7_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-ldap@7.4p1-22.el7_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openssh-server-sysvinit-0:7.4p1-22.el7_9.s390x",
"product": {
"name": "openssh-server-sysvinit-0:7.4p1-22.el7_9.s390x",
"product_id": "openssh-server-sysvinit-0:7.4p1-22.el7_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-server-sysvinit@7.4p1-22.el7_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390x",
"product": {
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390x",
"product_id": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam_ssh_agent_auth@0.10.3-2.22.el7_9?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc",
"product": {
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc",
"product_id": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam_ssh_agent_auth@0.10.3-2.22.el7_9?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.ppc",
"product": {
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.ppc",
"product_id": "openssh-debuginfo-0:7.4p1-22.el7_9.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-debuginfo@7.4p1-22.el7_9?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390",
"product": {
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390",
"product_id": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam_ssh_agent_auth@0.10.3-2.22.el7_9?arch=s390"
}
}
},
{
"category": "product_version",
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.s390",
"product": {
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.s390",
"product_id": "openssh-debuginfo-0:7.4p1-22.el7_9.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openssh-debuginfo@7.4p1-22.el7_9?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:openssh-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:7.4p1-22.el7_9.src as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:openssh-0:7.4p1-22.el7_9.src"
},
"product_reference": "openssh-0:7.4p1-22.el7_9.src",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:openssh-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-askpass-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-askpass-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-askpass-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-askpass-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-cavs-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-cavs-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-cavs-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-cavs-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-clients-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-clients-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-clients-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-clients-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.i686 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.i686"
},
"product_reference": "openssh-debuginfo-0:7.4p1-22.el7_9.i686",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.ppc as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc"
},
"product_reference": "openssh-debuginfo-0:7.4p1-22.el7_9.ppc",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-debuginfo-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-debuginfo-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.s390 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390"
},
"product_reference": "openssh-debuginfo-0:7.4p1-22.el7_9.s390",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-debuginfo-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-debuginfo-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-keycat-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-keycat-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-keycat-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-keycat-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-keycat-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-keycat-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-keycat-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-keycat-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-ldap-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-ldap-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-ldap-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-ldap-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-ldap-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-ldap-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-ldap-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-ldap-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-server-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-server-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:openssh-server-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-server-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:openssh-server-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-server-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-sysvinit-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-server-sysvinit-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-sysvinit-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-server-sysvinit-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.i686 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.i686"
},
"product_reference": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.i686",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc"
},
"product_reference": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64"
},
"product_reference": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64le"
},
"product_reference": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64le",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390"
},
"product_reference": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390x"
},
"product_reference": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390x",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.x86_64"
},
"product_reference": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.x86_64",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:7.4p1-22.el7_9.src as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.src"
},
"product_reference": "openssh-0:7.4p1-22.el7_9.src",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-askpass-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-askpass-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-askpass-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-askpass-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-cavs-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-cavs-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-cavs-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-cavs-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-clients-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-clients-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-clients-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-clients-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.i686 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.i686"
},
"product_reference": "openssh-debuginfo-0:7.4p1-22.el7_9.i686",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.ppc as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc"
},
"product_reference": "openssh-debuginfo-0:7.4p1-22.el7_9.ppc",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-debuginfo-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-debuginfo-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.s390 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390"
},
"product_reference": "openssh-debuginfo-0:7.4p1-22.el7_9.s390",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-debuginfo-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-debuginfo-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-keycat-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-keycat-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-keycat-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-keycat-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-keycat-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-keycat-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-keycat-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-keycat-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-ldap-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-ldap-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-ldap-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-ldap-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-ldap-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-ldap-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-ldap-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-ldap-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-server-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-server-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-server-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-server-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-sysvinit-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-server-sysvinit-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-sysvinit-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-server-sysvinit-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.i686 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.i686"
},
"product_reference": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.i686",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc"
},
"product_reference": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64"
},
"product_reference": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64le"
},
"product_reference": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64le",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390"
},
"product_reference": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390x"
},
"product_reference": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390x",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.x86_64"
},
"product_reference": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.x86_64",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:7.4p1-22.el7_9.src as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.src"
},
"product_reference": "openssh-0:7.4p1-22.el7_9.src",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-askpass-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-askpass-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-askpass-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-askpass-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-cavs-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-cavs-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-cavs-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-cavs-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-clients-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-clients-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-clients-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-clients-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.i686 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.i686"
},
"product_reference": "openssh-debuginfo-0:7.4p1-22.el7_9.i686",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.ppc as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc"
},
"product_reference": "openssh-debuginfo-0:7.4p1-22.el7_9.ppc",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-debuginfo-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-debuginfo-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.s390 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390"
},
"product_reference": "openssh-debuginfo-0:7.4p1-22.el7_9.s390",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-debuginfo-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-debuginfo-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-keycat-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-keycat-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-keycat-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-keycat-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-keycat-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-keycat-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-keycat-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-keycat-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-ldap-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-ldap-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-ldap-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-ldap-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-ldap-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-ldap-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-ldap-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-ldap-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-server-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-server-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-server-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-server-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-sysvinit-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-server-sysvinit-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-sysvinit-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-server-sysvinit-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.i686 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.i686"
},
"product_reference": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.i686",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc"
},
"product_reference": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64"
},
"product_reference": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64le"
},
"product_reference": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390"
},
"product_reference": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390x"
},
"product_reference": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.x86_64"
},
"product_reference": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:openssh-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:7.4p1-22.el7_9.src as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:openssh-0:7.4p1-22.el7_9.src"
},
"product_reference": "openssh-0:7.4p1-22.el7_9.src",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:openssh-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-askpass-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-askpass-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-askpass-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-askpass-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-cavs-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-cavs-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-cavs-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-cavs-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-clients-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-clients-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-clients-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-clients-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.i686 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.i686"
},
"product_reference": "openssh-debuginfo-0:7.4p1-22.el7_9.i686",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.ppc as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc"
},
"product_reference": "openssh-debuginfo-0:7.4p1-22.el7_9.ppc",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-debuginfo-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-debuginfo-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.s390 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390"
},
"product_reference": "openssh-debuginfo-0:7.4p1-22.el7_9.s390",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-debuginfo-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-debuginfo-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-keycat-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-keycat-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-keycat-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-keycat-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-keycat-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-keycat-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-keycat-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-keycat-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-ldap-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-ldap-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-ldap-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-ldap-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-ldap-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-ldap-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-ldap-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-ldap-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-server-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-server-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:openssh-server-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-server-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:openssh-server-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-server-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-sysvinit-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-server-sysvinit-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-sysvinit-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-server-sysvinit-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.i686 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.i686"
},
"product_reference": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.i686",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc"
},
"product_reference": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64"
},
"product_reference": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64le"
},
"product_reference": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64le",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390"
},
"product_reference": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390x"
},
"product_reference": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390x",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.x86_64"
},
"product_reference": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.x86_64",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:7.4p1-22.el7_9.src as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.src"
},
"product_reference": "openssh-0:7.4p1-22.el7_9.src",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-askpass-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-askpass-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-askpass-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-askpass-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-cavs-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-cavs-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-cavs-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-cavs-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-clients-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-clients-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-clients-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-clients-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.i686"
},
"product_reference": "openssh-debuginfo-0:7.4p1-22.el7_9.i686",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.ppc as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc"
},
"product_reference": "openssh-debuginfo-0:7.4p1-22.el7_9.ppc",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-debuginfo-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-debuginfo-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390"
},
"product_reference": "openssh-debuginfo-0:7.4p1-22.el7_9.s390",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-debuginfo-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-debuginfo-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-keycat-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-keycat-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-keycat-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-keycat-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-keycat-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-keycat-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-keycat-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-keycat-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-ldap-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-ldap-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-ldap-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-ldap-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-ldap-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-ldap-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-ldap-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-ldap-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-server-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-server-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-server-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-server-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-sysvinit-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-server-sysvinit-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-sysvinit-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-server-sysvinit-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.i686"
},
"product_reference": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.i686",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc"
},
"product_reference": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64"
},
"product_reference": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64le"
},
"product_reference": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64le",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390"
},
"product_reference": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390x"
},
"product_reference": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390x",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.x86_64"
},
"product_reference": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.x86_64",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:openssh-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:7.4p1-22.el7_9.src as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:openssh-0:7.4p1-22.el7_9.src"
},
"product_reference": "openssh-0:7.4p1-22.el7_9.src",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:openssh-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-askpass-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-askpass-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-askpass-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-askpass-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-cavs-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-cavs-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-cavs-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-cavs-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-clients-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-clients-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-clients-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-clients-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.i686 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.i686"
},
"product_reference": "openssh-debuginfo-0:7.4p1-22.el7_9.i686",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.ppc as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc"
},
"product_reference": "openssh-debuginfo-0:7.4p1-22.el7_9.ppc",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-debuginfo-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-debuginfo-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.s390 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390"
},
"product_reference": "openssh-debuginfo-0:7.4p1-22.el7_9.s390",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-debuginfo-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-debuginfo-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-keycat-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-keycat-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-keycat-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-keycat-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-keycat-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-keycat-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-keycat-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-keycat-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-ldap-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-ldap-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-ldap-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-ldap-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-ldap-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-ldap-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-ldap-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-ldap-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-server-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-server-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:openssh-server-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-server-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:openssh-server-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-server-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-sysvinit-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-server-sysvinit-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-sysvinit-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-server-sysvinit-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.i686 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.i686"
},
"product_reference": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.i686",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc"
},
"product_reference": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64"
},
"product_reference": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64le"
},
"product_reference": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390"
},
"product_reference": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390x"
},
"product_reference": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390x",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.x86_64"
},
"product_reference": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:7.4p1-22.el7_9.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.src"
},
"product_reference": "openssh-0:7.4p1-22.el7_9.src",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-askpass-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-askpass-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-askpass-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-askpass-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-askpass-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-cavs-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-cavs-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-cavs-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-cavs-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-cavs-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-clients-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-clients-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-clients-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-clients-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-clients-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.i686"
},
"product_reference": "openssh-debuginfo-0:7.4p1-22.el7_9.i686",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.ppc as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc"
},
"product_reference": "openssh-debuginfo-0:7.4p1-22.el7_9.ppc",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-debuginfo-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-debuginfo-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390"
},
"product_reference": "openssh-debuginfo-0:7.4p1-22.el7_9.s390",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-debuginfo-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-debuginfo-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-debuginfo-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-keycat-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-keycat-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-keycat-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-keycat-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-keycat-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-keycat-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-keycat-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-keycat-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-ldap-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-ldap-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-ldap-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-ldap-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-ldap-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-ldap-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-ldap-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-ldap-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-server-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-server-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-server-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-server-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64"
},
"product_reference": "openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64le"
},
"product_reference": "openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-sysvinit-0:7.4p1-22.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.s390x"
},
"product_reference": "openssh-server-sysvinit-0:7.4p1-22.el7_9.s390x",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssh-server-sysvinit-0:7.4p1-22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.x86_64"
},
"product_reference": "openssh-server-sysvinit-0:7.4p1-22.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.i686"
},
"product_reference": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.i686",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc"
},
"product_reference": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64"
},
"product_reference": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64le"
},
"product_reference": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390"
},
"product_reference": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390x"
},
"product_reference": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390x",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.x86_64"
},
"product_reference": "pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-41617",
"cwe": {
"id": "CWE-273",
"name": "Improper Check for Dropped Privileges"
},
"discovery_date": "2021-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2008291"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSH. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user. Depending on system configuration, inherited groups may allow AuthorizedKeysCommand/AuthorizedPrincipalsCommand helper programs to gain unintended privileges, potentially leading to local privilege escalation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssh: privilege escalation when AuthorizedKeysCommand or AuthorizedPrincipalsCommand are configured",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Neither the `AuthorizedKeysCommand` directive nor `AuthorizedPrincipalsCommand` are enabled by default in the versions of OpenSSH as shipped with Red Hat Enterprise Linux 7 and 8.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64",
"7Client-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64le",
"7Client-7.9.Z:openssh-0:7.4p1-22.el7_9.s390x",
"7Client-7.9.Z:openssh-0:7.4p1-22.el7_9.src",
"7Client-7.9.Z:openssh-0:7.4p1-22.el7_9.x86_64",
"7Client-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64",
"7Client-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64le",
"7Client-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.s390x",
"7Client-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.x86_64",
"7Client-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64",
"7Client-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64le",
"7Client-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.s390x",
"7Client-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.x86_64",
"7Client-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64",
"7Client-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64le",
"7Client-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.s390x",
"7Client-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.x86_64",
"7Client-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.i686",
"7Client-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc",
"7Client-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64",
"7Client-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64le",
"7Client-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390",
"7Client-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390x",
"7Client-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.x86_64",
"7Client-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64",
"7Client-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64le",
"7Client-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.s390x",
"7Client-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.x86_64",
"7Client-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64",
"7Client-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64le",
"7Client-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.s390x",
"7Client-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.x86_64",
"7Client-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64",
"7Client-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64le",
"7Client-7.9.Z:openssh-server-0:7.4p1-22.el7_9.s390x",
"7Client-7.9.Z:openssh-server-0:7.4p1-22.el7_9.x86_64",
"7Client-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64",
"7Client-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64le",
"7Client-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.s390x",
"7Client-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.x86_64",
"7Client-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.i686",
"7Client-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc",
"7Client-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64",
"7Client-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64le",
"7Client-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390",
"7Client-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390x",
"7Client-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.x86_64",
"7Client-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64",
"7Client-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64le",
"7Client-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.s390x",
"7Client-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.src",
"7Client-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.x86_64",
"7Client-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64",
"7Client-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64le",
"7Client-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.s390x",
"7Client-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.x86_64",
"7Client-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64",
"7Client-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64le",
"7Client-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.s390x",
"7Client-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.x86_64",
"7Client-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64",
"7Client-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64le",
"7Client-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.s390x",
"7Client-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.x86_64",
"7Client-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.i686",
"7Client-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc",
"7Client-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64",
"7Client-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64le",
"7Client-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390",
"7Client-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390x",
"7Client-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.x86_64",
"7Client-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64",
"7Client-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64le",
"7Client-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.s390x",
"7Client-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.x86_64",
"7Client-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64",
"7Client-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64le",
"7Client-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.s390x",
"7Client-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.x86_64",
"7Client-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64",
"7Client-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64le",
"7Client-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.s390x",
"7Client-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.x86_64",
"7Client-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64",
"7Client-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64le",
"7Client-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.s390x",
"7Client-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.x86_64",
"7Client-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.i686",
"7Client-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc",
"7Client-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64",
"7Client-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64le",
"7Client-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390",
"7Client-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390x",
"7Client-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.src",
"7ComputeNode-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.i686",
"7ComputeNode-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc",
"7ComputeNode-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390",
"7ComputeNode-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.i686",
"7ComputeNode-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc",
"7ComputeNode-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390",
"7ComputeNode-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.x86_64",
"7Server-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64",
"7Server-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64le",
"7Server-7.9.Z:openssh-0:7.4p1-22.el7_9.s390x",
"7Server-7.9.Z:openssh-0:7.4p1-22.el7_9.src",
"7Server-7.9.Z:openssh-0:7.4p1-22.el7_9.x86_64",
"7Server-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64",
"7Server-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64le",
"7Server-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.s390x",
"7Server-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.x86_64",
"7Server-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64",
"7Server-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64le",
"7Server-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.s390x",
"7Server-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.x86_64",
"7Server-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64",
"7Server-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64le",
"7Server-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.s390x",
"7Server-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.x86_64",
"7Server-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.i686",
"7Server-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc",
"7Server-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64",
"7Server-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64le",
"7Server-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390",
"7Server-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390x",
"7Server-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.x86_64",
"7Server-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64",
"7Server-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64le",
"7Server-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.s390x",
"7Server-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.x86_64",
"7Server-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64",
"7Server-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64le",
"7Server-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.s390x",
"7Server-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.x86_64",
"7Server-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64",
"7Server-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64le",
"7Server-7.9.Z:openssh-server-0:7.4p1-22.el7_9.s390x",
"7Server-7.9.Z:openssh-server-0:7.4p1-22.el7_9.x86_64",
"7Server-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64",
"7Server-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64le",
"7Server-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.s390x",
"7Server-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.x86_64",
"7Server-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.i686",
"7Server-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc",
"7Server-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64",
"7Server-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64le",
"7Server-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390",
"7Server-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390x",
"7Server-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.x86_64",
"7Server-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64",
"7Server-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64le",
"7Server-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.s390x",
"7Server-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.src",
"7Server-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.x86_64",
"7Server-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64",
"7Server-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64le",
"7Server-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.s390x",
"7Server-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.x86_64",
"7Server-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64",
"7Server-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64le",
"7Server-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.s390x",
"7Server-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.x86_64",
"7Server-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64",
"7Server-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64le",
"7Server-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.s390x",
"7Server-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.x86_64",
"7Server-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.i686",
"7Server-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc",
"7Server-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64",
"7Server-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64le",
"7Server-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390",
"7Server-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390x",
"7Server-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.x86_64",
"7Server-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64",
"7Server-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64le",
"7Server-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.s390x",
"7Server-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.x86_64",
"7Server-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64",
"7Server-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64le",
"7Server-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.s390x",
"7Server-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.x86_64",
"7Server-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64",
"7Server-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64le",
"7Server-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.s390x",
"7Server-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.x86_64",
"7Server-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64",
"7Server-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64le",
"7Server-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.s390x",
"7Server-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.x86_64",
"7Server-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.i686",
"7Server-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc",
"7Server-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64",
"7Server-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64le",
"7Server-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390",
"7Server-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390x",
"7Server-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.x86_64",
"7Workstation-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64",
"7Workstation-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-7.9.Z:openssh-0:7.4p1-22.el7_9.s390x",
"7Workstation-7.9.Z:openssh-0:7.4p1-22.el7_9.src",
"7Workstation-7.9.Z:openssh-0:7.4p1-22.el7_9.x86_64",
"7Workstation-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64",
"7Workstation-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.s390x",
"7Workstation-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.x86_64",
"7Workstation-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64",
"7Workstation-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.s390x",
"7Workstation-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.x86_64",
"7Workstation-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64",
"7Workstation-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.s390x",
"7Workstation-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.x86_64",
"7Workstation-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.i686",
"7Workstation-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc",
"7Workstation-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64",
"7Workstation-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390",
"7Workstation-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390x",
"7Workstation-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.x86_64",
"7Workstation-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64",
"7Workstation-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.s390x",
"7Workstation-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.x86_64",
"7Workstation-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64",
"7Workstation-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.s390x",
"7Workstation-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.x86_64",
"7Workstation-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64",
"7Workstation-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-7.9.Z:openssh-server-0:7.4p1-22.el7_9.s390x",
"7Workstation-7.9.Z:openssh-server-0:7.4p1-22.el7_9.x86_64",
"7Workstation-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64",
"7Workstation-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.s390x",
"7Workstation-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.x86_64",
"7Workstation-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.i686",
"7Workstation-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc",
"7Workstation-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64",
"7Workstation-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64le",
"7Workstation-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390",
"7Workstation-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390x",
"7Workstation-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.x86_64",
"7Workstation-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64",
"7Workstation-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.s390x",
"7Workstation-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.src",
"7Workstation-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.x86_64",
"7Workstation-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64",
"7Workstation-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.s390x",
"7Workstation-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.x86_64",
"7Workstation-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64",
"7Workstation-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.s390x",
"7Workstation-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.x86_64",
"7Workstation-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64",
"7Workstation-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.s390x",
"7Workstation-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.x86_64",
"7Workstation-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.i686",
"7Workstation-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc",
"7Workstation-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64",
"7Workstation-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390",
"7Workstation-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390x",
"7Workstation-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.x86_64",
"7Workstation-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64",
"7Workstation-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.s390x",
"7Workstation-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.x86_64",
"7Workstation-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64",
"7Workstation-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.s390x",
"7Workstation-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.x86_64",
"7Workstation-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64",
"7Workstation-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.s390x",
"7Workstation-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.x86_64",
"7Workstation-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64",
"7Workstation-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.s390x",
"7Workstation-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.x86_64",
"7Workstation-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.i686",
"7Workstation-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc",
"7Workstation-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64",
"7Workstation-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390",
"7Workstation-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390x",
"7Workstation-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-41617"
},
{
"category": "external",
"summary": "RHBZ#2008291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2008291"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-41617",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41617"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-41617",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41617"
},
{
"category": "external",
"summary": "https://www.openssh.com/txt/release-8.8",
"url": "https://www.openssh.com/txt/release-8.8"
}
],
"release_date": "2021-09-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-11-23T17:42:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the OpenSSH server daemon (sshd) will be restarted automatically.",
"product_ids": [
"7Client-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64",
"7Client-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64le",
"7Client-7.9.Z:openssh-0:7.4p1-22.el7_9.s390x",
"7Client-7.9.Z:openssh-0:7.4p1-22.el7_9.src",
"7Client-7.9.Z:openssh-0:7.4p1-22.el7_9.x86_64",
"7Client-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64",
"7Client-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64le",
"7Client-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.s390x",
"7Client-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.x86_64",
"7Client-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64",
"7Client-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64le",
"7Client-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.s390x",
"7Client-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.x86_64",
"7Client-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64",
"7Client-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64le",
"7Client-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.s390x",
"7Client-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.x86_64",
"7Client-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.i686",
"7Client-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc",
"7Client-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64",
"7Client-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64le",
"7Client-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390",
"7Client-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390x",
"7Client-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.x86_64",
"7Client-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64",
"7Client-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64le",
"7Client-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.s390x",
"7Client-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.x86_64",
"7Client-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64",
"7Client-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64le",
"7Client-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.s390x",
"7Client-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.x86_64",
"7Client-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64",
"7Client-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64le",
"7Client-7.9.Z:openssh-server-0:7.4p1-22.el7_9.s390x",
"7Client-7.9.Z:openssh-server-0:7.4p1-22.el7_9.x86_64",
"7Client-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64",
"7Client-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64le",
"7Client-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.s390x",
"7Client-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.x86_64",
"7Client-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.i686",
"7Client-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc",
"7Client-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64",
"7Client-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64le",
"7Client-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390",
"7Client-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390x",
"7Client-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.x86_64",
"7Client-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64",
"7Client-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64le",
"7Client-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.s390x",
"7Client-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.src",
"7Client-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.x86_64",
"7Client-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64",
"7Client-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64le",
"7Client-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.s390x",
"7Client-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.x86_64",
"7Client-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64",
"7Client-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64le",
"7Client-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.s390x",
"7Client-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.x86_64",
"7Client-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64",
"7Client-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64le",
"7Client-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.s390x",
"7Client-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.x86_64",
"7Client-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.i686",
"7Client-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc",
"7Client-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64",
"7Client-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64le",
"7Client-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390",
"7Client-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390x",
"7Client-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.x86_64",
"7Client-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64",
"7Client-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64le",
"7Client-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.s390x",
"7Client-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.x86_64",
"7Client-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64",
"7Client-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64le",
"7Client-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.s390x",
"7Client-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.x86_64",
"7Client-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64",
"7Client-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64le",
"7Client-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.s390x",
"7Client-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.x86_64",
"7Client-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64",
"7Client-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64le",
"7Client-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.s390x",
"7Client-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.x86_64",
"7Client-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.i686",
"7Client-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc",
"7Client-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64",
"7Client-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64le",
"7Client-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390",
"7Client-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390x",
"7Client-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.src",
"7ComputeNode-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.i686",
"7ComputeNode-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc",
"7ComputeNode-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390",
"7ComputeNode-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.i686",
"7ComputeNode-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc",
"7ComputeNode-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390",
"7ComputeNode-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.x86_64",
"7Server-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64",
"7Server-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64le",
"7Server-7.9.Z:openssh-0:7.4p1-22.el7_9.s390x",
"7Server-7.9.Z:openssh-0:7.4p1-22.el7_9.src",
"7Server-7.9.Z:openssh-0:7.4p1-22.el7_9.x86_64",
"7Server-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64",
"7Server-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64le",
"7Server-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.s390x",
"7Server-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.x86_64",
"7Server-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64",
"7Server-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64le",
"7Server-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.s390x",
"7Server-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.x86_64",
"7Server-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64",
"7Server-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64le",
"7Server-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.s390x",
"7Server-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.x86_64",
"7Server-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.i686",
"7Server-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc",
"7Server-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64",
"7Server-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64le",
"7Server-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390",
"7Server-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390x",
"7Server-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.x86_64",
"7Server-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64",
"7Server-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64le",
"7Server-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.s390x",
"7Server-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.x86_64",
"7Server-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64",
"7Server-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64le",
"7Server-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.s390x",
"7Server-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.x86_64",
"7Server-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64",
"7Server-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64le",
"7Server-7.9.Z:openssh-server-0:7.4p1-22.el7_9.s390x",
"7Server-7.9.Z:openssh-server-0:7.4p1-22.el7_9.x86_64",
"7Server-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64",
"7Server-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64le",
"7Server-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.s390x",
"7Server-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.x86_64",
"7Server-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.i686",
"7Server-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc",
"7Server-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64",
"7Server-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64le",
"7Server-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390",
"7Server-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390x",
"7Server-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.x86_64",
"7Server-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64",
"7Server-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64le",
"7Server-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.s390x",
"7Server-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.src",
"7Server-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.x86_64",
"7Server-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64",
"7Server-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64le",
"7Server-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.s390x",
"7Server-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.x86_64",
"7Server-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64",
"7Server-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64le",
"7Server-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.s390x",
"7Server-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.x86_64",
"7Server-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64",
"7Server-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64le",
"7Server-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.s390x",
"7Server-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.x86_64",
"7Server-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.i686",
"7Server-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc",
"7Server-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64",
"7Server-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64le",
"7Server-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390",
"7Server-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390x",
"7Server-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.x86_64",
"7Server-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64",
"7Server-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64le",
"7Server-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.s390x",
"7Server-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.x86_64",
"7Server-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64",
"7Server-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64le",
"7Server-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.s390x",
"7Server-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.x86_64",
"7Server-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64",
"7Server-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64le",
"7Server-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.s390x",
"7Server-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.x86_64",
"7Server-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64",
"7Server-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64le",
"7Server-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.s390x",
"7Server-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.x86_64",
"7Server-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.i686",
"7Server-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc",
"7Server-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64",
"7Server-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64le",
"7Server-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390",
"7Server-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390x",
"7Server-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.x86_64",
"7Workstation-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64",
"7Workstation-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-7.9.Z:openssh-0:7.4p1-22.el7_9.s390x",
"7Workstation-7.9.Z:openssh-0:7.4p1-22.el7_9.src",
"7Workstation-7.9.Z:openssh-0:7.4p1-22.el7_9.x86_64",
"7Workstation-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64",
"7Workstation-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.s390x",
"7Workstation-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.x86_64",
"7Workstation-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64",
"7Workstation-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.s390x",
"7Workstation-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.x86_64",
"7Workstation-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64",
"7Workstation-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.s390x",
"7Workstation-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.x86_64",
"7Workstation-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.i686",
"7Workstation-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc",
"7Workstation-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64",
"7Workstation-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390",
"7Workstation-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390x",
"7Workstation-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.x86_64",
"7Workstation-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64",
"7Workstation-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.s390x",
"7Workstation-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.x86_64",
"7Workstation-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64",
"7Workstation-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.s390x",
"7Workstation-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.x86_64",
"7Workstation-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64",
"7Workstation-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-7.9.Z:openssh-server-0:7.4p1-22.el7_9.s390x",
"7Workstation-7.9.Z:openssh-server-0:7.4p1-22.el7_9.x86_64",
"7Workstation-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64",
"7Workstation-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.s390x",
"7Workstation-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.x86_64",
"7Workstation-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.i686",
"7Workstation-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc",
"7Workstation-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64",
"7Workstation-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64le",
"7Workstation-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390",
"7Workstation-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390x",
"7Workstation-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.x86_64",
"7Workstation-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64",
"7Workstation-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.s390x",
"7Workstation-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.src",
"7Workstation-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.x86_64",
"7Workstation-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64",
"7Workstation-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.s390x",
"7Workstation-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.x86_64",
"7Workstation-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64",
"7Workstation-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.s390x",
"7Workstation-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.x86_64",
"7Workstation-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64",
"7Workstation-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.s390x",
"7Workstation-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.x86_64",
"7Workstation-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.i686",
"7Workstation-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc",
"7Workstation-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64",
"7Workstation-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390",
"7Workstation-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390x",
"7Workstation-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.x86_64",
"7Workstation-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64",
"7Workstation-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.s390x",
"7Workstation-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.x86_64",
"7Workstation-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64",
"7Workstation-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.s390x",
"7Workstation-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.x86_64",
"7Workstation-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64",
"7Workstation-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.s390x",
"7Workstation-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.x86_64",
"7Workstation-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64",
"7Workstation-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.s390x",
"7Workstation-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.x86_64",
"7Workstation-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.i686",
"7Workstation-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc",
"7Workstation-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64",
"7Workstation-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390",
"7Workstation-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390x",
"7Workstation-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4782"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"7Client-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64",
"7Client-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64le",
"7Client-7.9.Z:openssh-0:7.4p1-22.el7_9.s390x",
"7Client-7.9.Z:openssh-0:7.4p1-22.el7_9.src",
"7Client-7.9.Z:openssh-0:7.4p1-22.el7_9.x86_64",
"7Client-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64",
"7Client-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64le",
"7Client-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.s390x",
"7Client-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.x86_64",
"7Client-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64",
"7Client-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64le",
"7Client-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.s390x",
"7Client-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.x86_64",
"7Client-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64",
"7Client-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64le",
"7Client-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.s390x",
"7Client-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.x86_64",
"7Client-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.i686",
"7Client-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc",
"7Client-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64",
"7Client-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64le",
"7Client-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390",
"7Client-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390x",
"7Client-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.x86_64",
"7Client-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64",
"7Client-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64le",
"7Client-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.s390x",
"7Client-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.x86_64",
"7Client-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64",
"7Client-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64le",
"7Client-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.s390x",
"7Client-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.x86_64",
"7Client-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64",
"7Client-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64le",
"7Client-7.9.Z:openssh-server-0:7.4p1-22.el7_9.s390x",
"7Client-7.9.Z:openssh-server-0:7.4p1-22.el7_9.x86_64",
"7Client-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64",
"7Client-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64le",
"7Client-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.s390x",
"7Client-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.x86_64",
"7Client-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.i686",
"7Client-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc",
"7Client-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64",
"7Client-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64le",
"7Client-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390",
"7Client-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390x",
"7Client-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.x86_64",
"7Client-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64",
"7Client-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64le",
"7Client-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.s390x",
"7Client-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.src",
"7Client-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.x86_64",
"7Client-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64",
"7Client-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64le",
"7Client-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.s390x",
"7Client-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.x86_64",
"7Client-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64",
"7Client-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64le",
"7Client-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.s390x",
"7Client-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.x86_64",
"7Client-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64",
"7Client-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64le",
"7Client-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.s390x",
"7Client-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.x86_64",
"7Client-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.i686",
"7Client-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc",
"7Client-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64",
"7Client-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64le",
"7Client-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390",
"7Client-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390x",
"7Client-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.x86_64",
"7Client-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64",
"7Client-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64le",
"7Client-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.s390x",
"7Client-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.x86_64",
"7Client-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64",
"7Client-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64le",
"7Client-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.s390x",
"7Client-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.x86_64",
"7Client-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64",
"7Client-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64le",
"7Client-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.s390x",
"7Client-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.x86_64",
"7Client-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64",
"7Client-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64le",
"7Client-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.s390x",
"7Client-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.x86_64",
"7Client-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.i686",
"7Client-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc",
"7Client-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64",
"7Client-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64le",
"7Client-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390",
"7Client-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390x",
"7Client-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.src",
"7ComputeNode-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.i686",
"7ComputeNode-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc",
"7ComputeNode-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390",
"7ComputeNode-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.i686",
"7ComputeNode-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc",
"7ComputeNode-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390",
"7ComputeNode-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.x86_64",
"7Server-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64",
"7Server-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64le",
"7Server-7.9.Z:openssh-0:7.4p1-22.el7_9.s390x",
"7Server-7.9.Z:openssh-0:7.4p1-22.el7_9.src",
"7Server-7.9.Z:openssh-0:7.4p1-22.el7_9.x86_64",
"7Server-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64",
"7Server-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64le",
"7Server-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.s390x",
"7Server-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.x86_64",
"7Server-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64",
"7Server-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64le",
"7Server-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.s390x",
"7Server-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.x86_64",
"7Server-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64",
"7Server-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64le",
"7Server-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.s390x",
"7Server-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.x86_64",
"7Server-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.i686",
"7Server-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc",
"7Server-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64",
"7Server-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64le",
"7Server-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390",
"7Server-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390x",
"7Server-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.x86_64",
"7Server-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64",
"7Server-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64le",
"7Server-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.s390x",
"7Server-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.x86_64",
"7Server-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64",
"7Server-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64le",
"7Server-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.s390x",
"7Server-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.x86_64",
"7Server-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64",
"7Server-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64le",
"7Server-7.9.Z:openssh-server-0:7.4p1-22.el7_9.s390x",
"7Server-7.9.Z:openssh-server-0:7.4p1-22.el7_9.x86_64",
"7Server-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64",
"7Server-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64le",
"7Server-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.s390x",
"7Server-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.x86_64",
"7Server-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.i686",
"7Server-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc",
"7Server-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64",
"7Server-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64le",
"7Server-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390",
"7Server-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390x",
"7Server-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.x86_64",
"7Server-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64",
"7Server-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64le",
"7Server-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.s390x",
"7Server-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.src",
"7Server-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.x86_64",
"7Server-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64",
"7Server-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64le",
"7Server-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.s390x",
"7Server-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.x86_64",
"7Server-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64",
"7Server-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64le",
"7Server-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.s390x",
"7Server-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.x86_64",
"7Server-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64",
"7Server-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64le",
"7Server-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.s390x",
"7Server-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.x86_64",
"7Server-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.i686",
"7Server-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc",
"7Server-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64",
"7Server-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64le",
"7Server-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390",
"7Server-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390x",
"7Server-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.x86_64",
"7Server-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64",
"7Server-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64le",
"7Server-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.s390x",
"7Server-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.x86_64",
"7Server-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64",
"7Server-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64le",
"7Server-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.s390x",
"7Server-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.x86_64",
"7Server-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64",
"7Server-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64le",
"7Server-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.s390x",
"7Server-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.x86_64",
"7Server-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64",
"7Server-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64le",
"7Server-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.s390x",
"7Server-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.x86_64",
"7Server-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.i686",
"7Server-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc",
"7Server-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64",
"7Server-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64le",
"7Server-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390",
"7Server-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390x",
"7Server-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.x86_64",
"7Workstation-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64",
"7Workstation-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-7.9.Z:openssh-0:7.4p1-22.el7_9.s390x",
"7Workstation-7.9.Z:openssh-0:7.4p1-22.el7_9.src",
"7Workstation-7.9.Z:openssh-0:7.4p1-22.el7_9.x86_64",
"7Workstation-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64",
"7Workstation-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.s390x",
"7Workstation-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.x86_64",
"7Workstation-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64",
"7Workstation-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.s390x",
"7Workstation-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.x86_64",
"7Workstation-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64",
"7Workstation-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.s390x",
"7Workstation-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.x86_64",
"7Workstation-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.i686",
"7Workstation-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc",
"7Workstation-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64",
"7Workstation-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390",
"7Workstation-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390x",
"7Workstation-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.x86_64",
"7Workstation-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64",
"7Workstation-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.s390x",
"7Workstation-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.x86_64",
"7Workstation-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64",
"7Workstation-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.s390x",
"7Workstation-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.x86_64",
"7Workstation-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64",
"7Workstation-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-7.9.Z:openssh-server-0:7.4p1-22.el7_9.s390x",
"7Workstation-7.9.Z:openssh-server-0:7.4p1-22.el7_9.x86_64",
"7Workstation-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64",
"7Workstation-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.s390x",
"7Workstation-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.x86_64",
"7Workstation-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.i686",
"7Workstation-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc",
"7Workstation-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64",
"7Workstation-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64le",
"7Workstation-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390",
"7Workstation-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390x",
"7Workstation-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.x86_64",
"7Workstation-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64",
"7Workstation-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.s390x",
"7Workstation-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.src",
"7Workstation-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.x86_64",
"7Workstation-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64",
"7Workstation-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.s390x",
"7Workstation-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.x86_64",
"7Workstation-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64",
"7Workstation-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.s390x",
"7Workstation-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.x86_64",
"7Workstation-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64",
"7Workstation-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.s390x",
"7Workstation-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.x86_64",
"7Workstation-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.i686",
"7Workstation-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc",
"7Workstation-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64",
"7Workstation-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390",
"7Workstation-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390x",
"7Workstation-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.x86_64",
"7Workstation-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64",
"7Workstation-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.s390x",
"7Workstation-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.x86_64",
"7Workstation-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64",
"7Workstation-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.s390x",
"7Workstation-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.x86_64",
"7Workstation-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64",
"7Workstation-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.s390x",
"7Workstation-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.x86_64",
"7Workstation-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64",
"7Workstation-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.s390x",
"7Workstation-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.x86_64",
"7Workstation-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.i686",
"7Workstation-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc",
"7Workstation-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64",
"7Workstation-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390",
"7Workstation-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390x",
"7Workstation-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Client-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64",
"7Client-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64le",
"7Client-7.9.Z:openssh-0:7.4p1-22.el7_9.s390x",
"7Client-7.9.Z:openssh-0:7.4p1-22.el7_9.src",
"7Client-7.9.Z:openssh-0:7.4p1-22.el7_9.x86_64",
"7Client-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64",
"7Client-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64le",
"7Client-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.s390x",
"7Client-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.x86_64",
"7Client-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64",
"7Client-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64le",
"7Client-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.s390x",
"7Client-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.x86_64",
"7Client-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64",
"7Client-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64le",
"7Client-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.s390x",
"7Client-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.x86_64",
"7Client-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.i686",
"7Client-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc",
"7Client-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64",
"7Client-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64le",
"7Client-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390",
"7Client-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390x",
"7Client-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.x86_64",
"7Client-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64",
"7Client-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64le",
"7Client-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.s390x",
"7Client-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.x86_64",
"7Client-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64",
"7Client-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64le",
"7Client-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.s390x",
"7Client-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.x86_64",
"7Client-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64",
"7Client-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64le",
"7Client-7.9.Z:openssh-server-0:7.4p1-22.el7_9.s390x",
"7Client-7.9.Z:openssh-server-0:7.4p1-22.el7_9.x86_64",
"7Client-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64",
"7Client-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64le",
"7Client-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.s390x",
"7Client-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.x86_64",
"7Client-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.i686",
"7Client-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc",
"7Client-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64",
"7Client-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64le",
"7Client-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390",
"7Client-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390x",
"7Client-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.x86_64",
"7Client-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64",
"7Client-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64le",
"7Client-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.s390x",
"7Client-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.src",
"7Client-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.x86_64",
"7Client-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64",
"7Client-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64le",
"7Client-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.s390x",
"7Client-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.x86_64",
"7Client-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64",
"7Client-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64le",
"7Client-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.s390x",
"7Client-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.x86_64",
"7Client-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64",
"7Client-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64le",
"7Client-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.s390x",
"7Client-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.x86_64",
"7Client-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.i686",
"7Client-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc",
"7Client-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64",
"7Client-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64le",
"7Client-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390",
"7Client-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390x",
"7Client-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.x86_64",
"7Client-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64",
"7Client-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64le",
"7Client-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.s390x",
"7Client-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.x86_64",
"7Client-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64",
"7Client-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64le",
"7Client-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.s390x",
"7Client-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.x86_64",
"7Client-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64",
"7Client-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64le",
"7Client-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.s390x",
"7Client-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.x86_64",
"7Client-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64",
"7Client-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64le",
"7Client-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.s390x",
"7Client-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.x86_64",
"7Client-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.i686",
"7Client-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc",
"7Client-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64",
"7Client-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64le",
"7Client-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390",
"7Client-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390x",
"7Client-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.src",
"7ComputeNode-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.i686",
"7ComputeNode-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc",
"7ComputeNode-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390",
"7ComputeNode-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.i686",
"7ComputeNode-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc",
"7ComputeNode-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390",
"7ComputeNode-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.x86_64",
"7Server-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64",
"7Server-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64le",
"7Server-7.9.Z:openssh-0:7.4p1-22.el7_9.s390x",
"7Server-7.9.Z:openssh-0:7.4p1-22.el7_9.src",
"7Server-7.9.Z:openssh-0:7.4p1-22.el7_9.x86_64",
"7Server-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64",
"7Server-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64le",
"7Server-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.s390x",
"7Server-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.x86_64",
"7Server-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64",
"7Server-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64le",
"7Server-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.s390x",
"7Server-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.x86_64",
"7Server-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64",
"7Server-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64le",
"7Server-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.s390x",
"7Server-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.x86_64",
"7Server-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.i686",
"7Server-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc",
"7Server-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64",
"7Server-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64le",
"7Server-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390",
"7Server-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390x",
"7Server-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.x86_64",
"7Server-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64",
"7Server-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64le",
"7Server-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.s390x",
"7Server-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.x86_64",
"7Server-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64",
"7Server-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64le",
"7Server-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.s390x",
"7Server-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.x86_64",
"7Server-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64",
"7Server-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64le",
"7Server-7.9.Z:openssh-server-0:7.4p1-22.el7_9.s390x",
"7Server-7.9.Z:openssh-server-0:7.4p1-22.el7_9.x86_64",
"7Server-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64",
"7Server-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64le",
"7Server-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.s390x",
"7Server-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.x86_64",
"7Server-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.i686",
"7Server-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc",
"7Server-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64",
"7Server-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64le",
"7Server-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390",
"7Server-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390x",
"7Server-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.x86_64",
"7Server-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64",
"7Server-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64le",
"7Server-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.s390x",
"7Server-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.src",
"7Server-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.x86_64",
"7Server-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64",
"7Server-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64le",
"7Server-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.s390x",
"7Server-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.x86_64",
"7Server-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64",
"7Server-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64le",
"7Server-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.s390x",
"7Server-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.x86_64",
"7Server-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64",
"7Server-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64le",
"7Server-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.s390x",
"7Server-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.x86_64",
"7Server-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.i686",
"7Server-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc",
"7Server-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64",
"7Server-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64le",
"7Server-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390",
"7Server-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390x",
"7Server-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.x86_64",
"7Server-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64",
"7Server-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64le",
"7Server-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.s390x",
"7Server-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.x86_64",
"7Server-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64",
"7Server-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64le",
"7Server-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.s390x",
"7Server-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.x86_64",
"7Server-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64",
"7Server-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64le",
"7Server-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.s390x",
"7Server-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.x86_64",
"7Server-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64",
"7Server-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64le",
"7Server-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.s390x",
"7Server-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.x86_64",
"7Server-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.i686",
"7Server-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc",
"7Server-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64",
"7Server-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64le",
"7Server-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390",
"7Server-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390x",
"7Server-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.x86_64",
"7Workstation-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64",
"7Workstation-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-7.9.Z:openssh-0:7.4p1-22.el7_9.s390x",
"7Workstation-7.9.Z:openssh-0:7.4p1-22.el7_9.src",
"7Workstation-7.9.Z:openssh-0:7.4p1-22.el7_9.x86_64",
"7Workstation-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64",
"7Workstation-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.s390x",
"7Workstation-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.x86_64",
"7Workstation-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64",
"7Workstation-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.s390x",
"7Workstation-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.x86_64",
"7Workstation-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64",
"7Workstation-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.s390x",
"7Workstation-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.x86_64",
"7Workstation-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.i686",
"7Workstation-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc",
"7Workstation-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64",
"7Workstation-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390",
"7Workstation-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390x",
"7Workstation-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.x86_64",
"7Workstation-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64",
"7Workstation-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.s390x",
"7Workstation-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.x86_64",
"7Workstation-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64",
"7Workstation-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.s390x",
"7Workstation-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.x86_64",
"7Workstation-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64",
"7Workstation-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-7.9.Z:openssh-server-0:7.4p1-22.el7_9.s390x",
"7Workstation-7.9.Z:openssh-server-0:7.4p1-22.el7_9.x86_64",
"7Workstation-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64",
"7Workstation-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.s390x",
"7Workstation-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.x86_64",
"7Workstation-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.i686",
"7Workstation-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc",
"7Workstation-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64",
"7Workstation-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64le",
"7Workstation-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390",
"7Workstation-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390x",
"7Workstation-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.x86_64",
"7Workstation-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64",
"7Workstation-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.s390x",
"7Workstation-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.src",
"7Workstation-optional-7.9.Z:openssh-0:7.4p1-22.el7_9.x86_64",
"7Workstation-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64",
"7Workstation-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.s390x",
"7Workstation-optional-7.9.Z:openssh-askpass-0:7.4p1-22.el7_9.x86_64",
"7Workstation-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64",
"7Workstation-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.s390x",
"7Workstation-optional-7.9.Z:openssh-cavs-0:7.4p1-22.el7_9.x86_64",
"7Workstation-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64",
"7Workstation-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.s390x",
"7Workstation-optional-7.9.Z:openssh-clients-0:7.4p1-22.el7_9.x86_64",
"7Workstation-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.i686",
"7Workstation-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc",
"7Workstation-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64",
"7Workstation-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390",
"7Workstation-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.s390x",
"7Workstation-optional-7.9.Z:openssh-debuginfo-0:7.4p1-22.el7_9.x86_64",
"7Workstation-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64",
"7Workstation-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.s390x",
"7Workstation-optional-7.9.Z:openssh-keycat-0:7.4p1-22.el7_9.x86_64",
"7Workstation-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64",
"7Workstation-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.s390x",
"7Workstation-optional-7.9.Z:openssh-ldap-0:7.4p1-22.el7_9.x86_64",
"7Workstation-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64",
"7Workstation-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.s390x",
"7Workstation-optional-7.9.Z:openssh-server-0:7.4p1-22.el7_9.x86_64",
"7Workstation-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64",
"7Workstation-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.s390x",
"7Workstation-optional-7.9.Z:openssh-server-sysvinit-0:7.4p1-22.el7_9.x86_64",
"7Workstation-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.i686",
"7Workstation-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc",
"7Workstation-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64",
"7Workstation-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390",
"7Workstation-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.s390x",
"7Workstation-optional-7.9.Z:pam_ssh_agent_auth-0:0.10.3-2.22.el7_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssh: privilege escalation when AuthorizedKeysCommand or AuthorizedPrincipalsCommand are configured"
}
]
}
MSRC_CVE-2021-41617
Vulnerability from csaf_microsoft - Published: 2021-09-02 00:00 - Updated: 2021-10-02 00:00Summary
sshd in OpenSSH 6.2 through 8.x before 8.8 when certain non-default configurations are used allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process if the configuration specifies running the command as a different user.
Notes
Additional Resources
To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer
The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2021-41617 sshd in OpenSSH 6.2 through 8.x before 8.8 when certain non-default configurations are used allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process if the configuration specifies running the command as a different user. - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2021/msrc_cve-2021-41617.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "sshd in OpenSSH 6.2 through 8.x before 8.8 when certain non-default configurations are used allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process if the configuration specifies running the command as a different user.",
"tracking": {
"current_release_date": "2021-10-02T00:00:00.000Z",
"generator": {
"date": "2026-01-03T09:28:40.722Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2021-41617",
"initial_release_date": "2021-09-02T00:00:00.000Z",
"revision_history": [
{
"date": "2021-10-02T00:00:00.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "1.0",
"product": {
"name": "CBL Mariner 1.0",
"product_id": "16820"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003ccm1 openssh 8.8p1-1",
"product": {
"name": "\u003ccm1 openssh 8.8p1-1",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "cm1 openssh 8.8p1-1",
"product": {
"name": "cm1 openssh 8.8p1-1",
"product_id": "16862"
}
}
],
"category": "product_name",
"name": "openssh"
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccm1 openssh 8.8p1-1 as a component of CBL Mariner 1.0",
"product_id": "16820-1"
},
"product_reference": "1",
"relates_to_product_reference": "16820"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cm1 openssh 8.8p1-1 as a component of CBL Mariner 1.0",
"product_id": "16862-16820"
},
"product_reference": "16862",
"relates_to_product_reference": "16820"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-41617",
"notes": [
{
"category": "general",
"text": "mitre",
"title": "Assigning CNA"
}
],
"product_status": {
"fixed": [
"16862-16820"
],
"known_affected": [
"16820-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2021-41617 sshd in OpenSSH 6.2 through 8.x before 8.8 when certain non-default configurations are used allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process if the configuration specifies running the command as a different user. - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2021/msrc_cve-2021-41617.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2021-10-02T00:00:00.000Z",
"details": "-:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"16820-1"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalsScore": 0.0,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 7.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"16820-1"
]
}
],
"title": "sshd in OpenSSH 6.2 through 8.x before 8.8 when certain non-default configurations are used allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process if the configuration specifies running the command as a different user."
}
]
}
GSD-2021-41617
Vulnerability from gsd - Updated: 2023-12-13 01:23Details
sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2021-41617",
"description": "sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.",
"id": "GSD-2021-41617",
"references": [
"https://www.suse.com/security/cve/CVE-2021-41617.html",
"https://access.redhat.com/errata/RHSA-2021:4782",
"https://advisories.mageia.org/CVE-2021-41617.html",
"https://security.archlinux.org/CVE-2021-41617",
"https://alas.aws.amazon.com/cve/html/CVE-2021-41617.html",
"https://linux.oracle.com/cve/CVE-2021-41617.html",
"https://access.redhat.com/errata/RHSA-2022:2013",
"https://ubuntu.com/security/CVE-2021-41617"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2021-41617"
],
"details": "sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.",
"id": "GSD-2021-41617",
"modified": "2023-12-13T01:23:27.288564Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-41617",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.openssh.com/security.html",
"refsource": "MISC",
"url": "https://www.openssh.com/security.html"
},
{
"name": "https://www.openwall.com/lists/oss-security/2021/09/26/1",
"refsource": "MISC",
"url": "https://www.openwall.com/lists/oss-security/2021/09/26/1"
},
{
"name": "https://www.openssh.com/txt/release-8.8",
"refsource": "MISC",
"url": "https://www.openssh.com/txt/release-8.8"
},
{
"name": "FEDORA-2021-1f7339271d",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6XJIONMHMKZDTMH6BQR5TNLF2WDCGWED/"
},
{
"name": "FEDORA-2021-f8df0f8563",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W44V2PFQH5YLRN6ZJTVRKAD7CU6CYYET/"
},
{
"name": "FEDORA-2021-fa0e94198f",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KVI7RWM2JLNMWTOFK6BDUSGNOIPZYPUT/"
},
{
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"name": "https://bugzilla.suse.com/show_bug.cgi?id=1190975",
"refsource": "CONFIRM",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1190975"
},
{
"name": "https://security.netapp.com/advisory/ntap-20211014-0004/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20211014-0004/"
},
{
"name": "https://www.oracle.com/security-alerts/cpujul2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"name": "https://www.starwindsoftware.com/security/sw-20220805-0001/",
"refsource": "MISC",
"url": "https://www.starwindsoftware.com/security/sw-20220805-0001/"
},
{
"name": "https://www.tenable.com/plugins/nessus/154174",
"refsource": "MISC",
"url": "https://www.tenable.com/plugins/nessus/154174"
},
{
"name": "DSA-5586",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2023/dsa-5586"
},
{
"name": "[debian-lts-announce] 20231226 [SECURITY] [DLA 3694-1] openssh security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html"
}
]
}
},
"nvd.nist.gov": {
"cve": {
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8F20A48B-F6C5-4296-82AE-DA00D6A20BCE",
"versionEndExcluding": "8.8",
"versionStartIncluding": "6.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*",
"matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FE996B1-6951-4F85-AA58-B99A379D2163",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A3C19813-E823-456A-B1CE-EC0684CE1953",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7CF3019-975D-40BB-A8A4-894E62BD3797",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A6E9EF0C-AFA8-4F7B-9FDC-1E0F7C26E737",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:aff_a250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4B1F59C-6ADA-4930-834F-2A8A8444F6AE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:aff_a250_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D5DE972-F8B8-4964-943A-DA0BD18289D1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:aff_500f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2AB58180-E5E0-4056-ABF9-A99E9F6A9E86",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:aff_500f_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "578BB9A7-BF28-4068-A9A6-1DE19CEEC293",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:http_server:12.2.1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "38A45A86-3B7E-4245-B717-2A6E868BE6BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DFC79B17-E9D2-44D5-93ED-2F959E7A3D43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AD04BEE5-E9A8-4584-A68C-0195CE9C402C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D3E503FB-6279-4D4A-91D8-E237ECF9D2B0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8r13:14398:*:*:*:*:*:*",
"matchCriteriaId": "DE49F316-C502-4D7A-AA70-D7745AEDAA93",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user."
},
{
"lang": "es",
"value": "sshd en OpenSSH versiones 6.2 hasta 8.x anteriores a 8.8, cuando son usadas determinadas configuraciones no predeterminadas, permite una escalada de privilegios porque los grupos complementarios no son inicializados como se espera. Los programas de ayuda para AuthorizedKeysCommand y AuthorizedPrincipalsCommand pueden ejecutarse con privilegios asociados a la pertenencia a grupos del proceso sshd, si la configuraci\u00f3n especifica la ejecuci\u00f3n del comando como un usuario diferente"
}
],
"id": "CVE-2021-41617",
"lastModified": "2023-12-26T04:15:07.520",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-09-26T19:15:07.263",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1190975"
},
{
"source": "cve@mitre.org",
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XJIONMHMKZDTMH6BQR5TNLF2WDCGWED/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KVI7RWM2JLNMWTOFK6BDUSGNOIPZYPUT/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W44V2PFQH5YLRN6ZJTVRKAD7CU6CYYET/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20211014-0004/"
},
{
"source": "cve@mitre.org",
"url": "https://www.debian.org/security/2023/dsa-5586"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.openssh.com/security.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.openssh.com/txt/release-8.8"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2021/09/26/1"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.starwindsoftware.com/security/sw-20220805-0001/"
},
{
"source": "cve@mitre.org",
"url": "https://www.tenable.com/plugins/nessus/154174"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
}
}
}
FKIE_CVE-2021-41617
Vulnerability from fkie_nvd - Published: 2021-09-26 19:15 - Updated: 2024-11-21 06:26
Severity ?
Summary
sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://bugzilla.suse.com/show_bug.cgi?id=1190975 | Issue Tracking, Patch, Third Party Advisory | |
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html | ||
| cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XJIONMHMKZDTMH6BQR5TNLF2WDCGWED/ | ||
| cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KVI7RWM2JLNMWTOFK6BDUSGNOIPZYPUT/ | ||
| cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W44V2PFQH5YLRN6ZJTVRKAD7CU6CYYET/ | ||
| cve@mitre.org | https://security.netapp.com/advisory/ntap-20211014-0004/ | Third Party Advisory | |
| cve@mitre.org | https://www.debian.org/security/2023/dsa-5586 | ||
| cve@mitre.org | https://www.openssh.com/security.html | Vendor Advisory | |
| cve@mitre.org | https://www.openssh.com/txt/release-8.8 | Release Notes, Vendor Advisory | |
| cve@mitre.org | https://www.openwall.com/lists/oss-security/2021/09/26/1 | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://www.oracle.com/security-alerts/cpuapr2022.html | Patch, Third Party Advisory | |
| cve@mitre.org | https://www.oracle.com/security-alerts/cpujul2022.html | Third Party Advisory | |
| cve@mitre.org | https://www.starwindsoftware.com/security/sw-20220805-0001/ | Third Party Advisory | |
| cve@mitre.org | https://www.tenable.com/plugins/nessus/154174 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.suse.com/show_bug.cgi?id=1190975 | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XJIONMHMKZDTMH6BQR5TNLF2WDCGWED/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KVI7RWM2JLNMWTOFK6BDUSGNOIPZYPUT/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W44V2PFQH5YLRN6ZJTVRKAD7CU6CYYET/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20211014-0004/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2023/dsa-5586 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.openssh.com/security.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.openssh.com/txt/release-8.8 | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.openwall.com/lists/oss-security/2021/09/26/1 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpuapr2022.html | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpujul2022.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.starwindsoftware.com/security/sw-20220805-0001/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.tenable.com/plugins/nessus/154174 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| openbsd | openssh | * | |
| fedoraproject | fedora | 33 | |
| fedoraproject | fedora | 34 | |
| fedoraproject | fedora | 35 | |
| netapp | active_iq_unified_manager | - | |
| netapp | clustered_data_ontap | - | |
| netapp | hci_management_node | - | |
| netapp | ontap_select_deploy_administration_utility | - | |
| netapp | solidfire | - | |
| netapp | aff_a250_firmware | - | |
| netapp | aff_a250 | - | |
| netapp | aff_500f_firmware | - | |
| netapp | aff_500f | - | |
| oracle | http_server | 12.2.1.2.0 | |
| oracle | http_server | 12.2.1.3.0 | |
| oracle | http_server | 12.2.1.4.0 | |
| oracle | zfs_storage_appliance_kit | 8.8 | |
| starwindsoftware | starwind_virtual_san | v8r13 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8F20A48B-F6C5-4296-82AE-DA00D6A20BCE",
"versionEndExcluding": "8.8",
"versionStartIncluding": "6.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*",
"matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FE996B1-6951-4F85-AA58-B99A379D2163",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A3C19813-E823-456A-B1CE-EC0684CE1953",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7CF3019-975D-40BB-A8A4-894E62BD3797",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A6E9EF0C-AFA8-4F7B-9FDC-1E0F7C26E737",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:aff_a250_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D5DE972-F8B8-4964-943A-DA0BD18289D1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:aff_a250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4B1F59C-6ADA-4930-834F-2A8A8444F6AE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:aff_500f_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "578BB9A7-BF28-4068-A9A6-1DE19CEEC293",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:aff_500f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2AB58180-E5E0-4056-ABF9-A99E9F6A9E86",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:http_server:12.2.1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "38A45A86-3B7E-4245-B717-2A6E868BE6BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DFC79B17-E9D2-44D5-93ED-2F959E7A3D43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AD04BEE5-E9A8-4584-A68C-0195CE9C402C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D3E503FB-6279-4D4A-91D8-E237ECF9D2B0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8r13:14398:*:*:*:*:*:*",
"matchCriteriaId": "DE49F316-C502-4D7A-AA70-D7745AEDAA93",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user."
},
{
"lang": "es",
"value": "sshd en OpenSSH versiones 6.2 hasta 8.x anteriores a 8.8, cuando son usadas determinadas configuraciones no predeterminadas, permite una escalada de privilegios porque los grupos complementarios no son inicializados como se espera. Los programas de ayuda para AuthorizedKeysCommand y AuthorizedPrincipalsCommand pueden ejecutarse con privilegios asociados a la pertenencia a grupos del proceso sshd, si la configuraci\u00f3n especifica la ejecuci\u00f3n del comando como un usuario diferente"
}
],
"id": "CVE-2021-41617",
"lastModified": "2024-11-21T06:26:32.077",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-09-26T19:15:07.263",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1190975"
},
{
"source": "cve@mitre.org",
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XJIONMHMKZDTMH6BQR5TNLF2WDCGWED/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KVI7RWM2JLNMWTOFK6BDUSGNOIPZYPUT/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W44V2PFQH5YLRN6ZJTVRKAD7CU6CYYET/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20211014-0004/"
},
{
"source": "cve@mitre.org",
"url": "https://www.debian.org/security/2023/dsa-5586"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.openssh.com/security.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.openssh.com/txt/release-8.8"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2021/09/26/1"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.starwindsoftware.com/security/sw-20220805-0001/"
},
{
"source": "cve@mitre.org",
"url": "https://www.tenable.com/plugins/nessus/154174"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1190975"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XJIONMHMKZDTMH6BQR5TNLF2WDCGWED/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KVI7RWM2JLNMWTOFK6BDUSGNOIPZYPUT/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W44V2PFQH5YLRN6ZJTVRKAD7CU6CYYET/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20211014-0004/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.debian.org/security/2023/dsa-5586"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.openssh.com/security.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.openssh.com/txt/release-8.8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2021/09/26/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.starwindsoftware.com/security/sw-20220805-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.tenable.com/plugins/nessus/154174"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…