CVE-2026-23810 (GCVE-0-2026-23810)
Vulnerability from cvelistv5 – Published: 2026-03-04 16:11 – Updated: 2026-04-01 16:21
VLAI
Title
Cross-BSSID GTK Re-encryption and Traffic Injection
Summary
A vulnerability in the packet processing logic may allow an authenticated attacker to craft and transmit a malicious Wi-Fi frame that causes an Access Point (AP) to classify the frame as group-addressed traffic and re-encrypt it using the Group Temporal Key (GTK) associated with the victim's BSSID. Successful exploitation may enable GTK-independent traffic injection and, when combined with a port-stealing technique, allows an attacker to redirect intercepted traffic to facilitate machine-in-the-middle (MitM) attacks across BSSID boundaries.
Severity
4.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-300 - Channel Accessible by Non-Endpoint
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | HPE Aruba Networking Wireless Operating Systems (AOS-8 & AOS-10) |
Affected:
10.8.0.0
(semver)
Affected: 10.7.0.0 , ≤ 10.7.2.2 (semver) Affected: 10.4.0.0 , ≤ 10.4.1.10 (semver) Affected: 8.13.0.0 , ≤ 8.13.1.1 (semver) Affected: 8.12.0.0 , ≤ 8.12.0.6 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.21 (semver) |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-23810",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-04T17:43:24.944016Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-300",
"description": "CWE-300 Channel Accessible by Non-Endpoint",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-04T17:46:09.493Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "HPE Aruba Networking Wireless Operating Systems (AOS-8 \u0026 AOS-10)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"status": "affected",
"version": "10.8.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.7.2.2",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.10",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.13.1.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.6",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.21",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Xin\u0027an Zhou, Juefei Pu, Zhutian Liu, Zhiyun Qian, Zhaowei Tan,Srikanth V. Krishnamurthy from University of California, and Mathy Vanhoef from DistriNet, KU Leuven"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA vulnerability in the packet processing logic may allow an authenticated attacker to craft and transmit a malicious Wi-Fi frame that causes an Access Point (AP) to classify the frame as group-addressed traffic and re-encrypt it using the Group Temporal Key (GTK) associated with the victim\u0027s BSSID. Successful exploitation may enable GTK-independent traffic injection and, when combined with a port-stealing technique, allows an attacker to redirect intercepted traffic to facilitate machine-in-the-middle (MitM) attacks across BSSID boundaries.\u003c/p\u003e"
}
],
"value": "A vulnerability in the packet processing logic may allow an authenticated attacker to craft and transmit a malicious Wi-Fi frame that causes an Access Point (AP) to classify the frame as group-addressed traffic and re-encrypt it using the Group Temporal Key (GTK) associated with the victim\u0027s BSSID. Successful exploitation may enable GTK-independent traffic injection and, when combined with a port-stealing technique, allows an attacker to redirect intercepted traffic to facilitate machine-in-the-middle (MitM) attacks across BSSID boundaries."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T16:21:49.641Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05026en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW05026",
"discovery": "EXTERNAL"
},
"title": "Cross-BSSID GTK Re-encryption and Traffic Injection",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2026-23810",
"datePublished": "2026-03-04T16:11:35.964Z",
"dateReserved": "2026-01-16T15:22:38.201Z",
"dateUpdated": "2026-04-01T16:21:49.641Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-23810",
"date": "2026-06-30",
"epss": "0.00182",
"percentile": "0.07954"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-23810\",\"sourceIdentifier\":\"security-alert@hpe.com\",\"published\":\"2026-03-04T17:16:19.060\",\"lastModified\":\"2026-06-17T10:22:08.250\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in the packet processing logic may allow an authenticated attacker to craft and transmit a malicious Wi-Fi frame that causes an Access Point (AP) to classify the frame as group-addressed traffic and re-encrypt it using the Group Temporal Key (GTK) associated with the victim\u0027s BSSID. Successful exploitation may enable GTK-independent traffic injection and, when combined with a port-stealing technique, allows an attacker to redirect intercepted traffic to facilitate machine-in-the-middle (MitM) attacks across BSSID boundaries.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad en la l\u00f3gica de procesamiento de paquetes podr\u00eda permitir a un atacante autenticado crear y transmitir una trama Wi-Fi maliciosa que haga que un Punto de Acceso (AP) clasifique la trama como tr\u00e1fico dirigido a grupo y la vuelva a cifrar utilizando la Clave Temporal de Grupo (GTK) asociada con el BSSID de la v\u00edctima. La explotaci\u00f3n exitosa podr\u00eda permitir la inyecci\u00f3n de tr\u00e1fico independiente de GTK y, cuando se combina con una t\u00e9cnica de robo de puerto, permite a un atacante redirigir el tr\u00e1fico interceptado para facilitar ataques de m\u00e1quina en el medio (MitM) a trav\u00e9s de los l\u00edmites de BSSID.\"}],\"affected\":[{\"source\":\"security-alert@hpe.com\",\"affectedData\":[{\"vendor\":\"Hewlett Packard Enterprise (HPE)\",\"product\":\"HPE Aruba Networking Wireless Operating Systems (AOS-8 \u0026 AOS-10)\",\"defaultStatus\":\"affected\",\"versions\":[{\"version\":\"10.8.0.0\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"10.7.0.0\",\"lessThanOrEqual\":\"10.7.2.2\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"10.4.0.0\",\"lessThanOrEqual\":\"10.4.1.10\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"8.13.0.0\",\"lessThanOrEqual\":\"8.13.1.1\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"8.12.0.0\",\"lessThanOrEqual\":\"8.12.0.6\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"8.10.0.0\",\"lessThanOrEqual\":\"8.10.0.21\",\"versionType\":\"semver\",\"status\":\"affected\"}]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-alert@hpe.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":4.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":1.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":3.1,\"baseSeverity\":\"LOW\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.6,\"impactScore\":1.4}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2026-03-04T17:43:24.944016Z\",\"id\":\"CVE-2026-23810\",\"options\":[{\"exploitation\":\"none\"},{\"automatable\":\"no\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-300\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.5.4.0\",\"versionEndIncluding\":\"8.10.0.21\",\"matchCriteriaId\":\"2B8A04E5-890D-4CBC-B504-2F50294C49A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.11.0.0\",\"versionEndIncluding\":\"8.12.0.6\",\"matchCriteriaId\":\"33943569-C024-4615-BA2C-874DD71EC077\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.13.0.0\",\"versionEndIncluding\":\"8.13.1.1\",\"matchCriteriaId\":\"9F95C3EA-87DF-448B-B63D-E469A38650AE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.3.0.0\",\"versionEndIncluding\":\"10.4.1.10\",\"matchCriteriaId\":\"0ECE682E-B356-4960-AC0F-4C066B8CB7EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.5.0.0\",\"versionEndIncluding\":\"10.7.2.2\",\"matchCriteriaId\":\"3E7CE262-1F72-4AE3-BE71-9E09EBF64B02\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:arubanetworks:arubaos:10.8.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"291A71D4-415C-4478-9BC1-1873ED23B6E1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arubanetworks:7010:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"59612211-5054-44DC-B028-61A2C5C6133D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arubanetworks:7030:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E8E68DB6-149B-4469-BD27-69F1AC59166F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arubanetworks:7205:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E9AA178-1327-402E-8740-8409ECA448BC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arubanetworks:7210:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9969F899-4D7A-4DD5-B81D-DB16B20CF86A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arubanetworks:7220:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CF33BAD0-0596-4910-B096-99E2033F73D8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arubanetworks:7240xm:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FDDFDA5E-3895-463A-86EA-1823EC1B5045\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arubanetworks:7280:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3BBA9A71-BE10-471A-A8BE-5CCB8CE8393F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arubanetworks:9004:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CFA13FF5-7C60-48B4-AF46-18A9F19D5D42\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arubanetworks:9004-lte:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0B1EB3D9-77B5-4DBE-9518-23DD0DA06BC9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arubanetworks:9012:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17162DB3-973E-47C6-9157-39A0E94603F2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arubanetworks:9106:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"086E2884-82B9-4909-973A-2AF9796EE6A3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arubanetworks:9114:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D6758409-B957-486D-96C0-BCDD91BE4E8A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arubanetworks:9240:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6BF9E0D-630F-40B4-9109-560CA13C981B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arubanetworks:ap-634:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"69298E74-9FC7-4E96-9581-2B7F5CDD8956\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arubanetworks:ap-635:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B0219C4A-855C-4CCC-9C56-499697A91B94\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arubanetworks:ap-654:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E4B96D6-2695-43E4-9956-872E0661B9ED\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arubanetworks:ap-655:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D18C831D-4D5C-4A50-8101-2CFB3D1B5210\"}]}]}],\"references\":[{\"url\":\"https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05026en_us\u0026docLocale=en_US\",\"source\":\"security-alert@hpe.com\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-23810\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-03-04T17:43:24.944016Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-300\", \"description\": \"CWE-300 Channel Accessible by Non-Endpoint\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-03-04T17:45:48.245Z\"}}], \"cna\": {\"title\": \"Cross-BSSID GTK Re-encryption and Traffic Injection\", \"source\": {\"advisory\": \"HPESBNW05026\", \"discovery\": \"EXTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Xin\u0027an Zhou, Juefei Pu, Zhutian Liu, Zhiyun Qian, Zhaowei Tan,Srikanth V. Krishnamurthy from University of California, and Mathy Vanhoef from DistriNet, KU Leuven\"}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 4.3, \"attackVector\": \"ADJACENT_NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"LOW\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Hewlett Packard Enterprise (HPE)\", \"product\": \"HPE Aruba Networking Wireless Operating Systems (AOS-8 \u0026 AOS-10)\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.8.0.0\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"10.7.0.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"10.7.2.2\"}, {\"status\": \"affected\", \"version\": \"10.4.0.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"10.4.1.10\"}, {\"status\": \"affected\", \"version\": \"8.13.0.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"10.13.1.1\"}, {\"status\": \"affected\", \"version\": \"8.12.0.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"10.12.0.6\"}, {\"status\": \"affected\", \"version\": \"8.10.0.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"10.13.0.21\"}], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05026en_us\u0026docLocale=en_US\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability in the packet processing logic may allow an authenticated attacker to craft and transmit a malicious Wi-Fi frame that causes an Access Point (AP) to classify the frame as group-addressed traffic and re-encrypt it using the Group Temporal Key (GTK) associated with the victim\u0027s BSSID. Successful exploitation may enable GTK-independent traffic injection and, when combined with a port-stealing technique, allows an attacker to redirect intercepted traffic to facilitate machine-in-the-middle (MitM) attacks across BSSID boundaries.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eA vulnerability in the packet processing logic may allow an authenticated attacker to craft and transmit a malicious Wi-Fi frame that causes an Access Point (AP) to classify the frame as group-addressed traffic and re-encrypt it using the Group Temporal Key (GTK) associated with the victim\u0027s BSSID. Successful exploitation may enable GTK-independent traffic injection and, when combined with a port-stealing technique, allows an attacker to redirect intercepted traffic to facilitate machine-in-the-middle (MitM) attacks across BSSID boundaries.\u003c/p\u003e\", \"base64\": false}]}], \"providerMetadata\": {\"orgId\": \"eb103674-0d28-4225-80f8-39fb86215de0\", \"shortName\": \"hpe\", \"dateUpdated\": \"2026-03-04T16:11:35.964Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-23810\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-03-04T17:46:09.493Z\", \"dateReserved\": \"2026-01-16T15:22:38.201Z\", \"assignerOrgId\": \"eb103674-0d28-4225-80f8-39fb86215de0\", \"datePublished\": \"2026-03-04T16:11:35.964Z\", \"assignerShortName\": \"hpe\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…