All the vulnerabilites related to FUJITSU - Interstage
var-201404-0286
Vulnerability from variot
ParametersInterceptor in Apache Struts before 2.3.20 does not properly restrict access to the getClass method, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via a crafted request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-0094. Apache Struts provided by the Apache Software Foundation is a software framework for creating Java web applications. Apache Struts contains a vulnerability where the ClassLoader may be manipulated. NTT-CERT reported this vulnerability to IPA. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Summary:
A minor version update (from 7.2 to 7.3) is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description:
This release of Red Hat Fuse 7.3 serves as a replacement for Red Hat Fuse 7.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
-
jackson-databind: A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525)
-
struts2: ClassLoader manipulation via request parameters (CVE-2014-0112)
-
jetty: HTTP request smuggling (CVE-2017-7657)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Solution:
Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.
Installation instructions are available from the Fuse 7.3.0 product documentation page: https://access.redhat.com/documentation/en-us/red_hat_fuse/7.3/
- Bugs fixed (https://bugzilla.redhat.com/):
1091939 - CVE-2014-0112 struts2: ClassLoader manipulation via request parameters 1462702 - CVE-2017-7525 jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper 1595620 - CVE-2017-7657 jetty: HTTP request smuggling
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
VMware Security Advisory
Advisory ID: VMSA-2014-0007 Synopsis: VMware product updates address security vulnerabilities in Apache Struts library Issue date: 2014-06-24 Updated on: 2014-06-24 (Initial Advisory) CVE number: CVE-2014-0050, CVE-2014-0094, CVE-2014-0112
-
Summary
VMware product updates address security vulnerabilities in Apache Struts library
-
Relevant releases
VMware vCenter Operations Management Suite prior to 5.8.2
-
Problem Description
a. The Apache Struts library is updated to version 2.3.16.2 to address multiple security issues.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2014-0050, CVE-2014-0094, and
CVE-2014-0112 to these issues.
CVE-2014-0112 may lead to remote code execution. This issue was
found to be only partially addressed in CVE-2014-0094.
CVE-2014-0050 may lead to a denial of service condition.
vCenter Operations Management Suite (vCOps) is affected by both
CVE-2014-0112 and CVE-2014-0050. Exploitation of CVE-2014-0112
may lead to remote code execution without authentication.
vCenter Orchestrator (vCO) is affected by CVE-2014-0050 and not
by CVE-2014-0112.
Workaround
A workaround for CVE-2014-0112 is documented in VMware Knowledge Base
article 2081470.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======= ======= =================
vCOPS 5.8.x any vCOPS 5.8.2
vCOPS 5.7.x any patch pending *
vCO 5.5 any patch pending
vCO 5.1 any patch pending
vCO 4.2 any patch pending
*Customers are advised to apply the workaround or update to vCOps
5.8.2.
- Solution
Please review the patch/release notes for your product and version and verify the checksum of your downloaded file.
vCenter Operations Management Suite 5.8.2
Downloads and Documentation: https://www.vmware.com/go/download-vcops
- References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0094 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0112
http://kb.vmware.com/kb/2081470
- Change log
2014-06-24 VMSA-2014-0007 Initial security advisory in conjunction with the release of vCenter Operations Management Suite 5.8.2 on 2014-06-24.
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
security-announce at lists.vmware.com
bugtraq at securityfocus.com
fulldisclosure at seclists.org
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Advisories http://www.vmware.com/security/advisories
VMware Security Response Policy https://www.vmware.com/support/policies/security_response.html
VMware Lifecycle Support Phases https://www.vmware.com/support/policies/lifecycle.html
Twitter https://twitter.com/VMwareSRC
Copyright 2014 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: Encryption Desktop 10.3.2 (Build 15337) Charset: utf-8
wj8DBQFTqi0BDEcm8Vbi9kMRAnCKAJ9otVO7DlXuMnSEGh2TLBzS5hniKgCeMnAM CZ5+DYZAydCjMwVgtKqoo7Y= =Vwu5 -----END PGP SIGNATURE-----
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201404-0286", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "struts", "scope": "gte", "trust": 1.0, "vendor": "apache", "version": "2.0.0" }, { "model": "struts", "scope": "lt", "trust": 1.0, "vendor": "apache", "version": "2.3.16.2" }, { "model": "struts", "scope": "eq", "trust": 0.8, "vendor": "apache", "version": "2.0.0 to 2.3.16.1" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "3 for x86(32bit)" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "3 for x86_64(64bit)" }, { "model": "cloud infrastructure management software", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "integrated system ha database ready", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "business analytics modeling server" }, { "model": "interstage", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "business process manager analytics" }, { "model": "interstage", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "extreme transaction processing server" }, { "model": "interstage", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "mobile manager" }, { "model": "interstage application development cycle manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage application framework suite", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage application server", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage apworks", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage business application server", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage interaction manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage job workload server", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage service integrator", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage studio", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "serverview", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "resource orchestrator" }, { "model": "symfoware", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "analytics server" }, { "model": "symfoware", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "server" }, { "model": "systemwalker service catalog manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker service quality coordinator", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker software configuration manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "triole", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "cloudmiddleset b set" }, { "model": "struts", "scope": "eq", "trust": 0.6, "vendor": "apache", "version": "2.3.8" }, { "model": "struts", "scope": "eq", "trust": 0.6, "vendor": "apache", "version": "2.3.7" }, { "model": "struts", "scope": "eq", "trust": 0.6, "vendor": "apache", "version": "2.3.14.1" }, { "model": "struts", "scope": "eq", "trust": 0.6, "vendor": "apache", "version": "2.3.14" }, { "model": "struts", "scope": "eq", "trust": 0.6, "vendor": "apache", "version": "2.3.4.1" }, { "model": "struts", "scope": "eq", "trust": 0.6, "vendor": "apache", "version": "2.3.14.3" }, { "model": "struts", "scope": "eq", "trust": 0.6, "vendor": "apache", "version": "2.3.16.1" }, { "model": "struts", "scope": "eq", "trust": 0.6, "vendor": "apache", "version": "2.3.15" }, { "model": "struts", "scope": "eq", "trust": 0.6, "vendor": "apache", "version": "2.3.4" }, { "model": "struts", "scope": "eq", "trust": 0.6, "vendor": "apache", "version": "2.3.14.2" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.2.3" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.2" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.8" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.6" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.5" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.2" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.1" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.14" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.12" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.11" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.10" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.9" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.8" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.7" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.6" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.5" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.4" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.3" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.2" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.1" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.3.1.2" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.3.1.1" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.2.3.1" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.4" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.3" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.13" } ], "sources": [ { "db": "BID", "id": "67064" }, { "db": "JVNDB", "id": "JVNDB-2014-000045" }, { "db": "CNNVD", "id": "CNNVD-201404-445" }, { "db": "NVD", "id": "CVE-2014-0112" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.3.16.2", "versionStartIncluding": "2.0.0", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2014-0112" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Red Hat", "sources": [ { "db": "PACKETSTORM", "id": "152687" }, { "db": "CNNVD", "id": "CNNVD-201404-445" } ], "trust": 0.7 }, "cve": "CVE-2014-0112", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "impactScore": 6.4, "integrityImpact": "PARTIAL", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Network", "authentication": "None", "author": "IPA", "availabilityImpact": "Partial", "baseScore": 7.5, "confidentialityImpact": "Partial", "exploitabilityScore": null, "id": "JVNDB-2014-000045", "impactScore": null, "integrityImpact": "Partial", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULMON", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "CVE-2014-0112", "impactScore": 6.4, "integrityImpact": "PARTIAL", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "HIGH", "trust": 0.1, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2014-0112", "trust": 1.0, "value": "HIGH" }, { "author": "IPA", "id": "JVNDB-2014-000045", "trust": 0.8, "value": "High" }, { "author": "CNNVD", "id": "CNNVD-201404-445", "trust": 0.6, "value": "HIGH" }, { "author": "VULMON", "id": "CVE-2014-0112", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "VULMON", "id": "CVE-2014-0112" }, { "db": "JVNDB", "id": "JVNDB-2014-000045" }, { "db": "CNNVD", "id": "CNNVD-201404-445" }, { "db": "NVD", "id": "CVE-2014-0112" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "ParametersInterceptor in Apache Struts before 2.3.20 does not properly restrict access to the getClass method, which allows remote attackers to \"manipulate\" the ClassLoader and execute arbitrary code via a crafted request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-0094. Apache Struts provided by the Apache Software Foundation is a software framework for creating Java web applications. Apache Struts contains a vulnerability where the ClassLoader may be manipulated. NTT-CERT reported this vulnerability to IPA. \nAn attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Summary:\n\nA minor version update (from 7.2 to 7.3) is now available for Red Hat Fuse. \nThe purpose of this text-only errata is to inform you about the security\nissues fixed in this release. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. Description:\n\nThis release of Red Hat Fuse 7.3 serves as a replacement for Red Hat Fuse\n7.2, and includes bug fixes and enhancements, which are documented in the\nRelease Notes document linked to in the References. \n\nSecurity Fix(es):\n\n* jackson-databind: A deserialization flaw was discovered in the\njackson-databind which could allow an unauthenticated user to perform code\nexecution by sending the maliciously crafted input to the readValue method\nof the ObjectMapper. (CVE-2017-7525)\n\n* struts2: ClassLoader manipulation via request parameters (CVE-2014-0112)\n\n* jetty: HTTP request smuggling (CVE-2017-7657)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, and other related information, refer to the CVE page(s) listed in\nthe References section. Solution:\n\nBefore applying the update, back up your existing installation, including\nall applications, configuration files, databases and database settings, and\nso on. \n\nInstallation instructions are available from the Fuse 7.3.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.3/\n\n4. Bugs fixed (https://bugzilla.redhat.com/):\n\n1091939 - CVE-2014-0112 struts2: ClassLoader manipulation via request parameters\n1462702 - CVE-2017-7525 jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper\n1595620 - CVE-2017-7657 jetty: HTTP request smuggling\n\n5. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- ------------------------------------------------------------------------\n VMware Security Advisory\n\nAdvisory ID: VMSA-2014-0007\nSynopsis: VMware product updates address security vulnerabilities in \n Apache Struts library \nIssue date: 2014-06-24\nUpdated on: 2014-06-24 (Initial Advisory)\nCVE number: CVE-2014-0050, CVE-2014-0094, CVE-2014-0112\n- ------------------------------------------------------------------------\n\n1. Summary\n\n VMware product updates address security vulnerabilities in Apache \n Struts library\n\n2. Relevant releases\n\n VMware vCenter Operations Management Suite prior to 5.8.2\n\n3. Problem Description\n\n a. The Apache Struts library is updated to version 2.3.16.2 to \n address multiple security issues. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2014-0050, CVE-2014-0094, and\n CVE-2014-0112 to these issues. \n\n CVE-2014-0112 may lead to remote code execution. This issue was \n found to be only partially addressed in CVE-2014-0094. \n\n CVE-2014-0050 may lead to a denial of service condition. \n\n vCenter Operations Management Suite (vCOps) is affected by both \n CVE-2014-0112 and CVE-2014-0050. Exploitation of CVE-2014-0112\n may lead to remote code execution without authentication. \n\n vCenter Orchestrator (vCO) is affected by CVE-2014-0050 and not \n by CVE-2014-0112. \n\n Workaround\n\n A workaround for CVE-2014-0112 is documented in VMware Knowledge Base\n article 2081470. \n\n\n Column 4 of the following table lists the action required to\n remediate the vulnerability in each release, if a solution is \n available. \n\n VMware Product\tRunning\tReplace with/\n Product Version\ton\tApply Patch\n ============= =======\t=======\t=================\n vCOPS\t 5.8.x \tany \tvCOPS 5.8.2\n vCOPS 5.7.x any patch pending *\n\n vCO 5.5 any patch pending\n vCO 5.1 any patch pending\n vCO 4.2 any patch pending\n\n *Customers are advised to apply the workaround or update to vCOps\n5.8.2. \n\n4. Solution\n\n Please review the patch/release notes for your product and version \n and verify the checksum of your downloaded file. \n\n vCenter Operations Management Suite 5.8.2\n -----------------------------------------\n Downloads and Documentation:\n https://www.vmware.com/go/download-vcops\n \n5. References\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0094\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0112\n\n http://kb.vmware.com/kb/2081470\n\n- ------------------------------------------------------------------------\n\n6. Change log\n\n 2014-06-24 VMSA-2014-0007\n Initial security advisory in conjunction with the release of vCenter\n Operations Management Suite 5.8.2 on 2014-06-24. \n\n- ------------------------------------------------------------------------\n\n7. Contact\n\n E-mail list for product security notifications and announcements:\n http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\n This Security Advisory is posted to the following lists:\n\n security-announce at lists.vmware.com\n bugtraq at securityfocus.com\n fulldisclosure at seclists.org\n\n E-mail: security at vmware.com\n PGP key at: http://kb.vmware.com/kb/1055\n\n VMware Security Advisories\n http://www.vmware.com/security/advisories\n\n VMware Security Response Policy\n https://www.vmware.com/support/policies/security_response.html\n\n VMware Lifecycle Support Phases\n https://www.vmware.com/support/policies/lifecycle.html\n \n Twitter\n https://twitter.com/VMwareSRC\n\n Copyright 2014 VMware Inc. All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: Encryption Desktop 10.3.2 (Build 15337)\nCharset: utf-8\n\nwj8DBQFTqi0BDEcm8Vbi9kMRAnCKAJ9otVO7DlXuMnSEGh2TLBzS5hniKgCeMnAM\nCZ5+DYZAydCjMwVgtKqoo7Y=\n=Vwu5\n-----END PGP SIGNATURE-----\n", "sources": [ { "db": "NVD", "id": "CVE-2014-0112" }, { "db": "JVNDB", "id": "JVNDB-2014-000045" }, { "db": "BID", "id": "67064" }, { "db": "VULMON", "id": "CVE-2014-0112" }, { "db": "PACKETSTORM", "id": "152687" }, { "db": "PACKETSTORM", "id": "127215" } ], "trust": 2.16 }, "exploit_availability": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=33142", "trust": 0.2, "type": "exploit" } ], "sources": [ { "db": "VULMON", "id": "CVE-2014-0112" } ] }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2014-0112", "trust": 3.0 }, { "db": "JVN", "id": "JVN19294237", "trust": 2.5 }, { "db": "JVNDB", "id": "JVNDB-2014-000045", "trust": 2.5 }, { "db": "BID", "id": "67064", "trust": 2.0 }, { "db": "PACKETSTORM", "id": "127215", "trust": 1.8 }, { "db": "SECUNIA", "id": "59500", "trust": 1.7 }, { "db": "SECUNIA", "id": "59178", "trust": 1.7 }, { "db": "CERT/CC", "id": "VU#719225", "trust": 0.8 }, { "db": "PACKETSTORM", "id": "152687", "trust": 0.7 }, { "db": "AUSCERT", "id": "ESB-2019.1493", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-201404-445", "trust": 0.6 }, { "db": "EXPLOITDB", "id": "33142", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2014-0112", "trust": 0.1 } ], "sources": [ { "db": "VULMON", "id": "CVE-2014-0112" }, { "db": "BID", "id": "67064" }, { "db": "JVNDB", "id": "JVNDB-2014-000045" }, { "db": "PACKETSTORM", "id": "152687" }, { "db": "PACKETSTORM", "id": "127215" }, { "db": "CNNVD", "id": "CNNVD-201404-445" }, { "db": "NVD", "id": "CVE-2014-0112" } ] }, "id": "VAR-201404-0286", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.1875 }, "last_update_date": "2024-04-19T20:14:12.803000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Announcements - 2013 24 April 2014 - Struts up to 2.3.16.1: Zero-Day Exploit Mitigation", "trust": 0.8, "url": "http://struts.apache.org/announce.html#a20140424" }, { "title": "Security Bulletins S2-020", "trust": 0.8, "url": "http://struts.apache.org/release/2.3.x/docs/s2-020.html" }, { "title": "Security Bulletins S2-021", "trust": 0.8, "url": "http://struts.apache.org/release/2.3.x/docs/s2-021.html" }, { "title": "Download a Release of Apache Struts -- Full Releases Struts 2.3.16.2", "trust": 0.8, "url": "http://struts.apache.org/download.cgi#struts23162" }, { "title": "struts-1.2.9-4jpp.8.AXS3 ", "trust": 0.8, "url": "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata\u0026a=detail\u0026eid=3678\u0026stype=\u0026sproduct=\u0026published=1" }, { "title": "Interstage Application Development Cycle Manager(ADM): Apache Struts vulnerable (CVE-2014-0094)", "trust": 0.8, "url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_aplidevcyclemgr_201401.html" }, { "title": "CVE-2014-0094, CVE-2014-0114: Apache Struts vulnerable to ClassLoader manipulation", "trust": 0.8, "url": "http://www.fujitsu.com/global/support/products/software/security/products-f/cve2014-0094-0114e.html" }, { "title": "Interstage Business Process Manager Analytics, Systemwalker Service Quality Coordinator: Vulnerability of allowing attackers to \"manipulate\" the ClassLoader (CVE-2014-0094). May 20th, 2014", "trust": 0.8, "url": "http://www.fujitsu.com/global/support/products/software/security/products-f/interstage-bpma201401e.html" }, { "title": "Symfoware Server (Open Interface) : Security vulnerabilities of Struts (CVE-2014-0094, CVE-2014-0112, CVE-2014-0113, CVE-2014-0116)", "trust": 0.8, "url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/symfoware_201402.html" }, { "title": "Interstage Interaction Manager: Struts1 vulnerability (CVE-2014-0094)", "trust": 0.8, "url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_im_201401.html" }, { "title": "Interstage Mobile Manager: Struts1 vulnerability (CVE-2014-0094)", "trust": 0.8, "url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_mm_201401.html" }, { "title": "FUJITSU Integrated System HA Database Ready: Struts2 vulnerabilities (CVE-2014-0094,CVE-2014-0112,CVE-2014-0113,CVE-2014-0116)", "trust": 0.8, "url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/ha_db_ready_201401.html" }, { "title": "1680848", "trust": 0.8, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680848" }, { "title": "1681190", "trust": 0.8, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681190" }, { "title": "2081470", "trust": 0.8, "url": "http://kb.vmware.com/selfservice/microsites/search.do?language=en_us\u0026cmd=displaykc\u0026externalid=2081470" }, { "title": "NV15-001", "trust": 0.8, "url": "http://jpn.nec.com/security-info/secinfo/nv15-001.html" }, { "title": "Oracle Critical Patch Update Advisory - April 2015", "trust": 0.8, "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html" }, { "title": "Text Form of Oracle Critical Patch Update - April 2015 Risk Matrices", "trust": 0.8, "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015verbose-2365613.html" }, { "title": "Bug 1091939", "trust": 0.8, "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1091939" }, { "title": "Huawei-SA-20140707-01-Struts2", "trust": 0.8, "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-350733.htm" }, { "title": "April 2015 Critical Patch Update Released", "trust": 0.8, "url": "https://blogs.oracle.com/security/entry/april_2015_critical_patch_update" }, { "title": "Alert/Advisory: Multiple Vulnerabilities in Apache Struts on Trend Micro Products", "trust": 0.8, "url": "http://esupport.trendmicro.com/solution/ja-jp/1103321.aspx" }, { "title": "VMSA-2014-0007", "trust": 0.8, "url": "http://www.vmware.com/security/advisories/vmsa-2014-0007.html" }, { "title": "Red Hat: Important: Red Hat Fuse 7.3 security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20190910 - security advisory" }, { "title": "Red Hat: CVE-2014-0112", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2014-0112" }, { "title": "VMware Security Advisories: VMware product updates address security vulnerabilities in Apache Struts library", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories\u0026qid=3f8f92a767d3e2773247be2d5077cbee" }, { "title": "Oracle: Oracle Critical Patch Update Advisory - April 2015", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4b527561ba1a5de7a529c8a93679f585" }, { "title": "strutt-cve-2014-0114", "trust": 0.1, "url": "https://github.com/anob3it/strutt-cve-2014-0114 " }, { "title": "-maven-security-versions", "trust": 0.1, "url": "https://github.com/nagauker/-maven-security-versions " }, { "title": "maven-security-versions-Travis", "trust": 0.1, "url": "https://github.com/klee94/maven-security-versions-travis " }, { "title": "maven-security-versions", "trust": 0.1, "url": "https://github.com/victims/maven-security-versions " }, { "title": "victims", "trust": 0.1, "url": "https://github.com/tmpgit3000/victims " }, { "title": "victims", "trust": 0.1, "url": "https://github.com/alexsh88/victims " }, { "title": "Threatpost", "trust": 0.1, "url": "https://threatpost.com/vmware-patches-apache-struts-flaws-in-vcops/106858/" } ], "sources": [ { "db": "VULMON", "id": "CVE-2014-0112" }, { "db": "JVNDB", "id": "JVNDB-2014-000045" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-264", "trust": 1.0 }, { "problemtype": "CWE-DesignError", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2014-000045" }, { "db": "NVD", "id": "CVE-2014-0112" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "http://jvn.jp/en/jp/jvn19294237/index.html" }, { "trust": 2.5, "url": "https://access.redhat.com/errata/rhsa-2019:0910" }, { "trust": 2.4, "url": "http://www.securityfocus.com/bid/67064" }, { "trust": 2.3, "url": "http://packetstormsecurity.com/files/127215/vmware-security-advisory-2014-0007.html" }, { "trust": 2.3, "url": "http://www.vmware.com/security/advisories/vmsa-2014-0007.html" }, { "trust": 1.7, "url": "http://jvndb.jvn.jp/jvndb/jvndb-2014-000045" }, { "trust": 1.7, "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1091939" }, { "trust": 1.7, "url": "https://cwiki.apache.org/confluence/display/ww/s2-021" }, { "trust": 1.7, "url": "http://secunia.com/advisories/59500" }, { "trust": 1.7, "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html" }, { "trust": 1.7, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676706" }, { "trust": 1.7, "url": "http://secunia.com/advisories/59178" }, { "trust": 1.7, "url": "http://www.securityfocus.com/archive/1/532549/100/0/threaded" }, { "trust": 1.7, "url": "http://www.securityfocus.com/archive/1/531952/100/0/threaded" }, { "trust": 0.9, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0094" }, { "trust": 0.9, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0112" }, { "trust": 0.8, "url": "http://www.ipa.go.jp/security/ciadr/vul/20140417-struts.html" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0094" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0112" }, { "trust": 0.8, "url": "http://www.konakart.com/downloads/ver-7-3-0-0-whats-new/" }, { "trust": 0.8, "url": "http://www.kb.cert.org/vuls/id/719225" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/152687/red-hat-security-advisory-2019-0910-01.html" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/80006" }, { "trust": 0.3, "url": "http://struts.apache.org/" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2014-0112" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0112" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/264.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://threatpost.com/vmware-patches-apache-struts-flaws-in-vcops/106858/" }, { "trust": 0.1, "url": "https://www.exploit-db.com/exploits/33142/" }, { "trust": 0.1, "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=38390" }, { "trust": 0.1, "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2017-7657" }, { "trust": 0.1, "url": "https://access.redhat.com/documentation/en-us/red_hat_fuse/7.3/html-single/release_notes/" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2017-7525" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2017-7525" }, { "trust": 0.1, "url": "https://bugzilla.redhat.com/):" }, { "trust": 0.1, "url": "https://access.redhat.com/security/updates/classification/#important" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2017-7657" }, { "trust": 0.1, "url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=distributions\u0026product=jboss.fuse\u0026version=7.3.0" }, { "trust": 0.1, "url": "https://access.redhat.com/security/team/contact/" }, { "trust": 0.1, "url": "https://access.redhat.com/documentation/en-us/red_hat_fuse/7.3/" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0050" }, { "trust": 0.1, "url": "https://twitter.com/vmwaresrc" }, { "trust": 0.1, "url": "https://www.vmware.com/support/policies/lifecycle.html" }, { "trust": 0.1, "url": "http://kb.vmware.com/kb/2081470" }, { "trust": 0.1, "url": "http://kb.vmware.com/kb/1055" }, { "trust": 0.1, "url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce" }, { "trust": 0.1, "url": "https://www.vmware.com/support/policies/security_response.html" }, { "trust": 0.1, "url": "http://www.vmware.com/security/advisories" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0050" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0094" }, { "trust": 0.1, "url": "https://www.vmware.com/go/download-vcops" } ], "sources": [ { "db": "VULMON", "id": "CVE-2014-0112" }, { "db": "BID", "id": "67064" }, { "db": "JVNDB", "id": "JVNDB-2014-000045" }, { "db": "PACKETSTORM", "id": "152687" }, { "db": "PACKETSTORM", "id": "127215" }, { "db": "CNNVD", "id": "CNNVD-201404-445" }, { "db": "NVD", "id": "CVE-2014-0112" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULMON", "id": "CVE-2014-0112" }, { "db": "BID", "id": "67064" }, { "db": "JVNDB", "id": "JVNDB-2014-000045" }, { "db": "PACKETSTORM", "id": "152687" }, { "db": "PACKETSTORM", "id": "127215" }, { "db": "CNNVD", "id": "CNNVD-201404-445" }, { "db": "NVD", "id": "CVE-2014-0112" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2014-04-29T00:00:00", "db": "VULMON", "id": "CVE-2014-0112" }, { "date": "2014-04-24T00:00:00", "db": "BID", "id": "67064" }, { "date": "2014-04-25T00:00:00", "db": "JVNDB", "id": "JVNDB-2014-000045" }, { "date": "2019-04-30T16:20:15", "db": "PACKETSTORM", "id": "152687" }, { "date": "2014-06-25T21:34:12", "db": "PACKETSTORM", "id": "127215" }, { "date": "2014-04-24T00:00:00", "db": "CNNVD", "id": "CNNVD-201404-445" }, { "date": "2014-04-29T10:37:03.670000", "db": "NVD", "id": "CVE-2014-0112" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-08-12T00:00:00", "db": "VULMON", "id": "CVE-2014-0112" }, { "date": "2015-04-16T18:14:00", "db": "BID", "id": "67064" }, { "date": "2015-05-08T00:00:00", "db": "JVNDB", "id": "JVNDB-2014-000045" }, { "date": "2019-08-14T00:00:00", "db": "CNNVD", "id": "CNNVD-201404-445" }, { "date": "2019-08-12T21:15:12.360000", "db": "NVD", "id": "CVE-2014-0112" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201404-445" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Apache Struts vulnerable to ClassLoader manipulation", "sources": [ { "db": "JVNDB", "id": "JVNDB-2014-000045" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "permissions and access control issues", "sources": [ { "db": "CNNVD", "id": "CNNVD-201404-445" } ], "trust": 0.6 } }
var-200912-0451
Vulnerability from variot
Fujitsu Interstage and Systemwalker related products have the vulnerabilities listed below: - A buffer overflow vulnerability that can occur when the SSL server verifies the client's certificate. - A vulnerability that makes it possible to make an SSL connection using a server or client certificate issued by the old CA certificate after the CA certificate is renewed, regardless of the settings of the certificate environment variables. - A vulnerability where the depletion of resources, such as file descriptors, can occur on the SSL server.A remote attacker can cause a denial of service (DoS) condition or make an SSL connection using a fake certificate. ----------------------------------------------------------------------
Do you have VARM strategy implemented?
(Vulnerability Assessment Remediation Management)
If not, then implement it through the most reliable vulnerability intelligence source on the market.
Implement it through Secunia.
For more information visit: http://secunia.com/advisories/business_solutions/
Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales@secunia.com
TITLE: Fujitsu Products SSL Implementation Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA37989
VERIFY ADVISORY: http://secunia.com/advisories/37989/
DESCRIPTION: Some vulnerabilities have been reported in multiple Fujitsu products, which can be exploited by malicious people to bypass certain security restrictions or cause a DoS (Denial of Service).
3) An error in the implementation of the SSL server can be exploited to exhaust e.g. available file descriptors.
Please see the vendor's advisory for a full list of affected products.
SOLUTION: Apply patches. Please see the vendor's advisory for details.
PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.
ORIGINAL ADVISORY: Fujitsu: http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_systemwalker_ssl_200901.html
OTHER REFERENCES: JVN: http://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-002358.html
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-200912-0451", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "infodirectory", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "infoprovider pro", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "infoproxy", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "infoproxy for middleware", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage apcoordinator", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage application framework suite", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage application server", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage apworks", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage business application manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage form coordinator syomei option", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage security director", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage traffic director", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "linkexpress", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "safeauthor", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "safegate", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "safegate client", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "safegate syutyu kanri", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "symfoware universal data interchanger", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker centric manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker centricmgr-a", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker desktop inspection", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker desktop patrol", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker formcoordinator syomei option", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker it budget manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker it budgetmgr", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker software delivery", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker/infodirectory", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "trademaster", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "trmaster", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2009-002358" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:fujitsu:infodirectory", "vulnerable": true }, { "cpe22Uri": "cpe:/a:fujitsu:infoprovider_pro", "vulnerable": true }, { "cpe22Uri": "cpe:/a:fujitsu:infoproxy", "vulnerable": true }, { "cpe22Uri": "cpe:/a:fujitsu:infoproxy_for_middleware", "vulnerable": true }, { "cpe22Uri": "cpe:/a:fujitsu:interstage", "vulnerable": true }, { "cpe22Uri": "cpe:/a:fujitsu:interstage_apcoordinator", "vulnerable": true }, { "cpe22Uri": "cpe:/a:fujitsu:interstage_application_framework_suite", "vulnerable": true }, { "cpe22Uri": "cpe:/a:fujitsu:interstage_application_server", "vulnerable": true }, { "cpe22Uri": "cpe:/a:fujitsu:interstage_apworks", "vulnerable": true }, { "cpe22Uri": "cpe:/a:fujitsu:interstage_business_application_manager", "vulnerable": true }, { "cpe22Uri": "cpe:/a:fujitsu:interstage_form_coordinator_syomei_option", "vulnerable": true }, { "cpe22Uri": "cpe:/a:fujitsu:interstage_security_director", "vulnerable": true }, { "cpe22Uri": "cpe:/a:fujitsu:interstage_traffic_director", "vulnerable": true }, { "cpe22Uri": "cpe:/a:fujitsu:linkexpress", "vulnerable": true }, { "cpe22Uri": "cpe:/a:fujitsu:safeauthor", "vulnerable": true }, { "cpe22Uri": "cpe:/a:fujitsu:safegate", "vulnerable": true }, { "cpe22Uri": "cpe:/a:fujitsu:safegate_client", "vulnerable": true }, { "cpe22Uri": "cpe:/a:fujitsu:safegate_syutyu_kanri", "vulnerable": true }, { "cpe22Uri": "cpe:/a:fujitsu:symfoware_universal_data_interchanger", "vulnerable": true }, { "cpe22Uri": "cpe:/a:fujitsu:systemwalker_centric_manager", "vulnerable": true }, { "cpe22Uri": "cpe:/a:fujitsu:systemwalker_centricmgr-a", "vulnerable": true }, { "cpe22Uri": "cpe:/a:fujitsu:systemwalker_desktop_inspection", "vulnerable": true }, { "cpe22Uri": "cpe:/a:fujitsu:systemwalker_desktop_patrol", "vulnerable": true }, { "cpe22Uri": "cpe:/a:fujitsu:systemwalker_formcoordinator_syomei_option", "vulnerable": true }, { "cpe22Uri": "cpe:/a:fujitsu:systemwalker_it_budget_manager", "vulnerable": true }, { "cpe22Uri": "cpe:/a:fujitsu:systemwalker_it_budgetmgr", "vulnerable": true }, { "cpe22Uri": "cpe:/a:fujitsu:systemwalker_software_delivery", "vulnerable": true }, { "cpe22Uri": "cpe:/a:fujitsu:systemwalker_infodirectory", "vulnerable": true }, { "cpe22Uri": "cpe:/a:fujitsu:trademaster", "vulnerable": true }, { "cpe22Uri": "cpe:/a:fujitsu:trmaster", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2009-002358" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Secunia", "sources": [ { "db": "PACKETSTORM", "id": "84267" } ], "trust": 0.1 }, "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Network", "authentication": "None", "author": "IPA", "availabilityImpact": "Partial", "baseScore": 5.0, "confidentialityImpact": "None", "exploitabilityScore": null, "id": "JVNDB-2009-002358", "impactScore": null, "integrityImpact": "None", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "IPA", "id": "JVNDB-2009-002358", "trust": 0.8, "value": "Medium" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2009-002358" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Fujitsu Interstage and Systemwalker related products have the vulnerabilities listed below: - A buffer overflow vulnerability that can occur when the SSL server verifies the client\u0027s certificate. - A vulnerability that makes it possible to make an SSL connection using a server or client certificate issued by the old CA certificate after the CA certificate is renewed, regardless of the settings of the certificate environment variables. - A vulnerability where the depletion of resources, such as file descriptors, can occur on the SSL server.A remote attacker can cause a denial of service (DoS) condition or make an SSL connection using a fake certificate. ----------------------------------------------------------------------\n\nDo you have VARM strategy implemented?\n\n(Vulnerability Assessment Remediation Management) \n\nIf not, then implement it through the most reliable vulnerability\nintelligence source on the market. \n\nImplement it through Secunia. \n\nFor more information visit:\nhttp://secunia.com/advisories/business_solutions/\n\nAlternatively request a call from a Secunia representative today to\ndiscuss how we can help you with our capabilities contact us at:\nsales@secunia.com\n\n----------------------------------------------------------------------\n\nTITLE:\nFujitsu Products SSL Implementation Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA37989\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/37989/\n\nDESCRIPTION:\nSome vulnerabilities have been reported in multiple Fujitsu products,\nwhich can be exploited by malicious people to bypass certain security\nrestrictions or cause a DoS (Denial of Service). \n\n3) An error in the implementation of the SSL server can be exploited\nto exhaust e.g. available file descriptors. \n\nPlease see the vendor\u0027s advisory for a full list of affected\nproducts. \n\nSOLUTION:\nApply patches. Please see the vendor\u0027s advisory for details. \n\nPROVIDED AND/OR DISCOVERED BY:\nReported by the vendor. \n\nORIGINAL ADVISORY:\nFujitsu:\nhttp://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_systemwalker_ssl_200901.html\n\nOTHER REFERENCES:\nJVN:\nhttp://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-002358.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n", "sources": [ { "db": "JVNDB", "id": "JVNDB-2009-002358" }, { "db": "PACKETSTORM", "id": "84267" } ], "trust": 0.81 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "JVNDB", "id": "JVNDB-2009-002358", "trust": 0.9 }, { "db": "SECUNIA", "id": "37989", "trust": 0.2 }, { "db": "PACKETSTORM", "id": "84267", "trust": 0.1 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2009-002358" }, { "db": "PACKETSTORM", "id": "84267" } ] }, "id": "VAR-200912-0451", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.1875 }, "last_update_date": "2022-05-17T22:49:29.265000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "interstage_systemwalker_ssl_200901", "trust": 0.8, "url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_systemwalker_ssl_200901.html" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2009-002358" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-119", "trust": 0.8 }, { "problemtype": "CWE-399", "trust": 0.8 }, { "problemtype": "CWE-287", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2009-002358" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 0.1, "url": "http://secunia.com/advisories/37989/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/secunia_security_advisories/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/business_solutions/" }, { "trust": 0.1, "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org" }, { "trust": 0.1, "url": "http://jvndb.jvn.jp/en/contents/2009/jvndb-2009-002358.html" }, { "trust": 0.1, "url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_systemwalker_ssl_200901.html" }, { "trust": 0.1, "url": "http://secunia.com/advisories/about_secunia_advisories/" } ], "sources": [ { "db": "PACKETSTORM", "id": "84267" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "JVNDB", "id": "JVNDB-2009-002358" }, { "db": "PACKETSTORM", "id": "84267" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2009-12-28T00:00:00", "db": "JVNDB", "id": "JVNDB-2009-002358" }, { "date": "2009-12-29T10:25:23", "db": "PACKETSTORM", "id": "84267" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2009-12-28T00:00:00", "db": "JVNDB", "id": "JVNDB-2009-002358" } ] }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Fujitsu Interstage and Systemwalker SSL Vulnerabilities", "sources": [ { "db": "JVNDB", "id": "JVNDB-2009-002358" } ], "trust": 0.8 } }
var-201403-0506
Vulnerability from variot
The ParametersInterceptor in Apache Struts before 2.3.16.2 allows remote attackers to "manipulate" the ClassLoader via the class parameter, which is passed to the getClass method. ** Delete ** This case JVNDB-2014-000045 It was removed because it was found to be duplicated. JVNDB-2014-000045 Please refer to. Apache Struts is prone to a security-bypass vulnerability because it fails to adequately handle user-supplied input. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Apache Struts versions 2.0.0 through 2.3.16 are vulnerable. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
VMware Security Advisory
Advisory ID: VMSA-2014-0007 Synopsis: VMware product updates address security vulnerabilities in Apache Struts library Issue date: 2014-06-24 Updated on: 2014-06-24 (Initial Advisory) CVE number: CVE-2014-0050, CVE-2014-0094, CVE-2014-0112
-
Summary
VMware product updates address security vulnerabilities in Apache Struts library
-
Relevant releases
VMware vCenter Operations Management Suite prior to 5.8.2
-
Problem Description
a. The Apache Struts library is updated to version 2.3.16.2 to address multiple security issues.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2014-0050, CVE-2014-0094, and
CVE-2014-0112 to these issues.
CVE-2014-0112 may lead to remote code execution. This issue was
found to be only partially addressed in CVE-2014-0094.
CVE-2014-0050 may lead to a denial of service condition.
vCenter Operations Management Suite (vCOps) is affected by both
CVE-2014-0112 and CVE-2014-0050. Exploitation of CVE-2014-0112
may lead to remote code execution without authentication.
vCenter Orchestrator (vCO) is affected by CVE-2014-0050 and not
by CVE-2014-0112.
Workaround
A workaround for CVE-2014-0112 is documented in VMware Knowledge Base
article 2081470.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======= ======= =================
vCOPS 5.8.x any vCOPS 5.8.2
vCOPS 5.7.x any patch pending *
vCO 5.5 any patch pending
vCO 5.1 any patch pending
vCO 4.2 any patch pending
*Customers are advised to apply the workaround or update to vCOps
5.8.2.
- Solution
Please review the patch/release notes for your product and version and verify the checksum of your downloaded file.
vCenter Operations Management Suite 5.8.2
Downloads and Documentation: https://www.vmware.com/go/download-vcops
- References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0094 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0112
http://kb.vmware.com/kb/2081470
- Change log
2014-06-24 VMSA-2014-0007 Initial security advisory in conjunction with the release of vCenter Operations Management Suite 5.8.2 on 2014-06-24.
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
security-announce at lists.vmware.com
bugtraq at securityfocus.com
fulldisclosure at seclists.org
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Advisories http://www.vmware.com/security/advisories
VMware Security Response Policy https://www.vmware.com/support/policies/security_response.html
VMware Lifecycle Support Phases https://www.vmware.com/support/policies/lifecycle.html
Twitter https://twitter.com/VMwareSRC
Copyright 2014 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: Encryption Desktop 10.3.2 (Build 15337) Charset: utf-8
wj8DBQFTqi0BDEcm8Vbi9kMRAnCKAJ9otVO7DlXuMnSEGh2TLBzS5hniKgCeMnAM CZ5+DYZAydCjMwVgtKqoo7Y= =Vwu5 -----END PGP SIGNATURE-----
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201403-0506", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "struts", "scope": "lt", "trust": 1.8, "vendor": "apache", "version": "2.3.16.1" }, { "model": "struts", "scope": "gte", "trust": 1.0, "vendor": "apache", "version": "2.0.0" }, { "model": "integrated system ha database ready", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "business analytics modeling server" }, { "model": "interstage", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "business process manager analytics" }, { "model": "interstage", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "extreme transaction processing server" }, { "model": "interstage", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "mobile manager" }, { "model": "interstage application development cycle manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage application framework suite", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage application server", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage apworks", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage business application server", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage job workload server", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage service integrator", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage studio", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "serverview", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "resource orchestrator" }, { "model": "symfoware", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "analytics server" }, { "model": "symfoware", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "server" }, { "model": "systemwalker service catalog manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker service quality coordinator", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker software configuration manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "triole", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "cloud middle set b set" }, { "model": "cloud infrastructure management software", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "struts", "scope": "eq", "trust": 0.6, "vendor": "apache", "version": "2.3.12" }, { "model": "struts", "scope": "eq", "trust": 0.6, "vendor": "apache", "version": "2.3.1" }, { "model": "struts", "scope": "eq", "trust": 0.6, "vendor": "apache", "version": "2.3.14.2" }, { "model": "struts", "scope": "eq", "trust": 0.6, "vendor": "apache", "version": "2.0.11.1" }, { "model": "struts", "scope": "eq", "trust": 0.6, "vendor": "apache", "version": "2.3.15.1" }, { "model": "struts", "scope": "eq", "trust": 0.6, "vendor": "apache", "version": "2.3.14" }, { "model": "struts", "scope": "eq", "trust": 0.6, "vendor": "apache", "version": "2.3.15.3" }, { "model": "struts", "scope": "eq", "trust": 0.6, "vendor": "apache", "version": "2.3.14.3" }, { "model": "struts", "scope": "eq", "trust": 0.6, "vendor": "apache", "version": "2.3.15" }, { "model": "struts", "scope": "eq", "trust": 0.6, "vendor": "apache", "version": "2.0.11.2" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.11" }, { "model": "storwize unified", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v70001.3.0.0" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.3.1.2" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.2.11" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.7" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.8" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.2" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.4" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.3" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.6" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.5" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.14" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.2.3.1" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.9" }, { "model": "storwize unified", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v70001.3.1.0" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.8" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.1" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.3.1.1" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.1" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.3" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.8.1" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.4" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.2" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.5" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.12" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.6" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.13" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.10" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.11.2" }, { "model": "storwize unified", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v70001.3.0.5" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.11.1" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.2.3" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.2" } ], "sources": [ { "db": "BID", "id": "65999" }, { "db": "JVNDB", "id": "JVNDB-2014-001603" }, { "db": "CNNVD", "id": "CNNVD-201403-191" }, { "db": "NVD", "id": "CVE-2014-0094" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.3.16.1", "versionStartIncluding": "2.0.0", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2014-0094" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Mark Thomas and Przemyslaw Celej", "sources": [ { "db": "BID", "id": "65999" } ], "trust": 0.3 }, "cve": "CVE-2014-0094", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "impactScore": 2.9, "integrityImpact": "PARTIAL", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULMON", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "CVE-2014-0094", "impactScore": 2.9, "integrityImpact": "PARTIAL", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "MEDIUM", "trust": 0.1, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2014-0094", "trust": 1.0, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201403-191", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULMON", "id": "CVE-2014-0094", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "VULMON", "id": "CVE-2014-0094" }, { "db": "CNNVD", "id": "CNNVD-201403-191" }, { "db": "NVD", "id": "CVE-2014-0094" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "The ParametersInterceptor in Apache Struts before 2.3.16.2 allows remote attackers to \"manipulate\" the ClassLoader via the class parameter, which is passed to the getClass method. ** Delete ** This case JVNDB-2014-000045 It was removed because it was found to be duplicated. JVNDB-2014-000045 Please refer to. Apache Struts is prone to a security-bypass vulnerability because it fails to adequately handle user-supplied input. \nAn attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. \nApache Struts versions 2.0.0 through 2.3.16 are vulnerable. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- ------------------------------------------------------------------------\n VMware Security Advisory\n\nAdvisory ID: VMSA-2014-0007\nSynopsis: VMware product updates address security vulnerabilities in \n Apache Struts library \nIssue date: 2014-06-24\nUpdated on: 2014-06-24 (Initial Advisory)\nCVE number: CVE-2014-0050, CVE-2014-0094, CVE-2014-0112\n- ------------------------------------------------------------------------\n\n1. Summary\n\n VMware product updates address security vulnerabilities in Apache \n Struts library\n\n2. Relevant releases\n\n VMware vCenter Operations Management Suite prior to 5.8.2\n\n3. Problem Description\n\n a. The Apache Struts library is updated to version 2.3.16.2 to \n address multiple security issues. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2014-0050, CVE-2014-0094, and\n CVE-2014-0112 to these issues. \n\n CVE-2014-0112 may lead to remote code execution. This issue was \n found to be only partially addressed in CVE-2014-0094. \n\n CVE-2014-0050 may lead to a denial of service condition. \n\n vCenter Operations Management Suite (vCOps) is affected by both \n CVE-2014-0112 and CVE-2014-0050. Exploitation of CVE-2014-0112\n may lead to remote code execution without authentication. \n\n vCenter Orchestrator (vCO) is affected by CVE-2014-0050 and not \n by CVE-2014-0112. \n\n Workaround\n\n A workaround for CVE-2014-0112 is documented in VMware Knowledge Base\n article 2081470. \n\n\n Column 4 of the following table lists the action required to\n remediate the vulnerability in each release, if a solution is \n available. \n\n VMware Product\tRunning\tReplace with/\n Product Version\ton\tApply Patch\n ============= =======\t=======\t=================\n vCOPS\t 5.8.x \tany \tvCOPS 5.8.2\n vCOPS 5.7.x any patch pending *\n\n vCO 5.5 any patch pending\n vCO 5.1 any patch pending\n vCO 4.2 any patch pending\n\n *Customers are advised to apply the workaround or update to vCOps\n5.8.2. \n\n4. Solution\n\n Please review the patch/release notes for your product and version \n and verify the checksum of your downloaded file. \n\n vCenter Operations Management Suite 5.8.2\n -----------------------------------------\n Downloads and Documentation:\n https://www.vmware.com/go/download-vcops\n \n5. References\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0094\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0112\n\n http://kb.vmware.com/kb/2081470\n\n- ------------------------------------------------------------------------\n\n6. Change log\n\n 2014-06-24 VMSA-2014-0007\n Initial security advisory in conjunction with the release of vCenter\n Operations Management Suite 5.8.2 on 2014-06-24. \n\n- ------------------------------------------------------------------------\n\n7. Contact\n\n E-mail list for product security notifications and announcements:\n http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\n This Security Advisory is posted to the following lists:\n\n security-announce at lists.vmware.com\n bugtraq at securityfocus.com\n fulldisclosure at seclists.org\n\n E-mail: security at vmware.com\n PGP key at: http://kb.vmware.com/kb/1055\n\n VMware Security Advisories\n http://www.vmware.com/security/advisories\n\n VMware Security Response Policy\n https://www.vmware.com/support/policies/security_response.html\n\n VMware Lifecycle Support Phases\n https://www.vmware.com/support/policies/lifecycle.html\n \n Twitter\n https://twitter.com/VMwareSRC\n\n Copyright 2014 VMware Inc. All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: Encryption Desktop 10.3.2 (Build 15337)\nCharset: utf-8\n\nwj8DBQFTqi0BDEcm8Vbi9kMRAnCKAJ9otVO7DlXuMnSEGh2TLBzS5hniKgCeMnAM\nCZ5+DYZAydCjMwVgtKqoo7Y=\n=Vwu5\n-----END PGP SIGNATURE-----\n", "sources": [ { "db": "NVD", "id": "CVE-2014-0094" }, { "db": "JVNDB", "id": "JVNDB-2014-001603" }, { "db": "BID", "id": "65999" }, { "db": "VULMON", "id": "CVE-2014-0094" }, { "db": "PACKETSTORM", "id": "127215" } ], "trust": 2.07 }, "exploit_availability": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=41690", "trust": 0.2, "type": "exploit" } ], "sources": [ { "db": "VULMON", "id": "CVE-2014-0094" } ] }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2014-0094", "trust": 2.9 }, { "db": "SECTRACK", "id": "1029876", "trust": 2.4 }, { "db": "BID", "id": "65999", "trust": 1.9 }, { "db": "PACKETSTORM", "id": "127215", "trust": 1.7 }, { "db": "JVN", "id": "JVN19294237", "trust": 1.6 }, { "db": "SECUNIA", "id": "56440", "trust": 1.6 }, { "db": "SECUNIA", "id": "59178", "trust": 1.6 }, { "db": "JVNDB", "id": "JVNDB-2014-000045", "trust": 1.6 }, { "db": "JVNDB", "id": "JVNDB-2014-001603", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201403-191", "trust": 0.6 }, { "db": "VULMON", "id": "CVE-2014-0094", "trust": 0.1 } ], "sources": [ { "db": "VULMON", "id": "CVE-2014-0094" }, { "db": "BID", "id": "65999" }, { "db": "JVNDB", "id": "JVNDB-2014-001603" }, { "db": "PACKETSTORM", "id": "127215" }, { "db": "CNNVD", "id": "CNNVD-201403-191" }, { "db": "NVD", "id": "CVE-2014-0094" } ] }, "id": "VAR-201403-0506", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.1875 }, "last_update_date": "2024-04-20T19:59:14.400000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "S2-021", "trust": 0.8, "url": "http://struts.apache.org/release/2.3.x/docs/s2-021.html" }, { "title": "S2-020", "trust": 0.8, "url": "http://struts.apache.org/release/2.3.x/docs/s2-020.html" }, { "title": "CVE-2014-0094 \u4ed6 \u306b\u95a2\u3059\u308b\u5f71\u97ff", "trust": 0.8, "url": "http://software.fujitsu.com/jp/security/vulnerabilities/cve2014-0094-0114.html" }, { "title": "Interstage BPMA\u4ed6 CVE-2014-0094", "trust": 0.8, "url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_bpma201401.html" }, { "title": "Interstage Application Development Cycle Manager(ADM): struts\u306e\u8106\u5f31\u6027(CVE-2014-0094) (2014\u5e745\u670827\u65e5)", "trust": 0.8, "url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_aplidevcyclemgr_201401.html" }, { "title": "Symfoware Server\uff08Open\u30a4\u30f3\u30bf\u30d5\u30a7\u30fc\u30b9\uff09: Struts\u306e\u8106\u5f31\u6027(CVE-2014-0094, CVE-2014-0112, CVE-2014-0113, CVE-2014-0116) (2014\u5e746\u67082\u65e5)", "trust": 0.8, "url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/symfoware_201402.html" }, { "title": "struts-2.3.16.1-all", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=48603" }, { "title": "Debian CVElist Bug Report Logs: libstruts1.2-java: CVE-2014-0114", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=96f4091aa31a0ece729fdcb110066df5" }, { "title": "Red Hat: CVE-2014-0094", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2014-0094" }, { "title": "VMware Security Advisories: VMware product updates address security vulnerabilities in Apache Struts library", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories\u0026qid=3f8f92a767d3e2773247be2d5077cbee" }, { "title": "Oracle: Oracle Critical Patch Update Advisory - April 2015", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4b527561ba1a5de7a529c8a93679f585" }, { "title": "CVE-2014-0094-test-program-for-struts1", "trust": 0.1, "url": "https://github.com/hasegawatadamitsu/cve-2014-0094-test-program-for-struts1 " } ], "sources": [ { "db": "VULMON", "id": "CVE-2014-0094" }, { "db": "JVNDB", "id": "JVNDB-2014-001603" }, { "db": "CNNVD", "id": "CNNVD-201403-191" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "NVD-CWE-noinfo", "trust": 1.0 } ], "sources": [ { "db": "NVD", "id": "CVE-2014-0094" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.4, "url": "http://www.securitytracker.com/id/1029876" }, { "trust": 1.6, "url": "http://jvn.jp/en/jp/jvn19294237/index.html" }, { "trust": 1.6, "url": "http://www.securityfocus.com/archive/1/532549/100/0/threaded" }, { "trust": 1.6, "url": "http://jvndb.jvn.jp/jvndb/jvndb-2014-000045" }, { "trust": 1.6, "url": "http://www.vmware.com/security/advisories/vmsa-2014-0007.html" }, { "trust": 1.6, "url": "http://www.securityfocus.com/archive/1/531362/100/0/threaded" }, { "trust": 1.6, "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-350733.htm" }, { "trust": 1.6, "url": "http://secunia.com/advisories/59178" }, { "trust": 1.6, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676706" }, { "trust": 1.6, "url": "http://secunia.com/advisories/56440" }, { "trust": 1.6, "url": "http://www.securityfocus.com/bid/65999" }, { "trust": 1.6, "url": "http://packetstormsecurity.com/files/127215/vmware-security-advisory-2014-0007.html" }, { "trust": 1.6, "url": "http://www.konakart.com/downloads/ver-7-3-0-0-whats-new" }, { "trust": 1.6, "url": "http://struts.apache.org/release/2.3.x/docs/s2-020.html" }, { "trust": 1.6, "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html" }, { "trust": 0.9, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0094" }, { "trust": 0.8, "url": "http://www.ipa.go.jp/security/ciadr/vul/20140417-struts.html" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0094" }, { "trust": 0.3, "url": "http://struts.apache.org/" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0050" }, { "trust": 0.1, "url": "https://twitter.com/vmwaresrc" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0112" }, { "trust": 0.1, "url": "https://www.vmware.com/support/policies/lifecycle.html" }, { "trust": 0.1, "url": "http://kb.vmware.com/kb/2081470" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0112" }, { "trust": 0.1, "url": "http://kb.vmware.com/kb/1055" }, { "trust": 0.1, "url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce" }, { "trust": 0.1, "url": "https://www.vmware.com/support/policies/security_response.html" }, { "trust": 0.1, "url": "http://www.vmware.com/security/advisories" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0050" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0094" }, { "trust": 0.1, "url": "https://www.vmware.com/go/download-vcops" } ], "sources": [ { "db": "BID", "id": "65999" }, { "db": "JVNDB", "id": "JVNDB-2014-001603" }, { "db": "PACKETSTORM", "id": "127215" }, { "db": "CNNVD", "id": "CNNVD-201403-191" }, { "db": "NVD", "id": "CVE-2014-0094" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULMON", "id": "CVE-2014-0094" }, { "db": "BID", "id": "65999" }, { "db": "JVNDB", "id": "JVNDB-2014-001603" }, { "db": "PACKETSTORM", "id": "127215" }, { "db": "CNNVD", "id": "CNNVD-201403-191" }, { "db": "NVD", "id": "CVE-2014-0094" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2014-03-11T00:00:00", "db": "VULMON", "id": "CVE-2014-0094" }, { "date": "2014-03-06T00:00:00", "db": "BID", "id": "65999" }, { "date": "2014-03-12T00:00:00", "db": "JVNDB", "id": "JVNDB-2014-001603" }, { "date": "2014-06-25T21:34:12", "db": "PACKETSTORM", "id": "127215" }, { "date": "2014-03-12T00:00:00", "db": "CNNVD", "id": "CNNVD-201403-191" }, { "date": "2014-03-11T13:00:37.107000", "db": "NVD", "id": "CVE-2014-0094" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-08-12T00:00:00", "db": "VULMON", "id": "CVE-2014-0094" }, { "date": "2015-07-15T00:14:00", "db": "BID", "id": "65999" }, { "date": "2014-06-03T00:00:00", "db": "JVNDB", "id": "JVNDB-2014-001603" }, { "date": "2019-08-15T00:00:00", "db": "CNNVD", "id": "CNNVD-201403-191" }, { "date": "2019-08-12T21:15:12.140000", "db": "NVD", "id": "CVE-2014-0094" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201403-191" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "** Delete ** Apache Struts of ParametersInterceptor In ClassLoader Vulnerability manipulated", "sources": [ { "db": "JVNDB", "id": "JVNDB-2014-001603" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "other", "sources": [ { "db": "CNNVD", "id": "CNNVD-201403-191" } ], "trust": 0.6 } }
var-201404-0287
Vulnerability from variot
CookieInterceptor in Apache Struts before 2.3.20, when a wildcard cookiesName value is used, does not properly restrict access to the getClass method, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via a crafted request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-0094. This vulnerability CVE-2014-0094 Vulnerability due to insufficient fix for.Through a crafted request by a third party, ClassLoader The " operation (manipulate)" And any code could be executed. Apache Struts is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Apache Struts versions 2.0.0 through 2.3.16.1 are vulnerable
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201404-0287", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "struts", "scope": "lt", "trust": 1.8, "vendor": "apache", "version": "2.3.16.2" }, { "model": "connections", "scope": "eq", "trust": 1.1, "vendor": "ibm", "version": "5.0" }, { "model": "connections", "scope": "eq", "trust": 1.1, "vendor": "ibm", "version": "4.5" }, { "model": "connections", "scope": "eq", "trust": 1.1, "vendor": "ibm", "version": "4.0" }, { "model": "struts", "scope": "gte", "trust": 1.0, "vendor": "apache", "version": "2.0.0" }, { "model": "struts", "scope": "eq", "trust": 0.9, "vendor": "apache", "version": "2.3.4" }, { "model": "struts", "scope": "eq", "trust": 0.9, "vendor": "apache", "version": "2.3.8" }, { "model": "struts", "scope": "eq", "trust": 0.9, "vendor": "apache", "version": "2.3.7" }, { "model": "struts", "scope": "eq", "trust": 0.9, "vendor": "apache", "version": "2.3.16.1" }, { "model": "struts", "scope": "eq", "trust": 0.9, "vendor": "apache", "version": "2.3.16" }, { "model": "struts", "scope": "eq", "trust": 0.9, "vendor": "apache", "version": "2.3.15.3" }, { "model": "struts", "scope": "eq", "trust": 0.9, "vendor": "apache", "version": "2.3.15.2" }, { "model": "struts", "scope": "eq", "trust": 0.9, "vendor": "apache", "version": "2.3.15.1" }, { "model": "connections", "scope": "lte", "trust": 0.8, "vendor": "ibm", "version": "3.0.1.1" }, { "model": "mysql", "scope": "lte", "trust": 0.8, "vendor": "oracle", "version": "enterprise monitor 2.3.16" }, { "model": "mysql", "scope": "lte", "trust": 0.8, "vendor": "oracle", "version": "enterprise monitor 3.0.10" }, { "model": "esmpro/servermanager", "scope": "lte", "trust": 0.8, "vendor": "nec", "version": "ver5.75" }, { "model": "infocage", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "pc security" }, { "model": "infocage", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "security risk management v1.0.0 to v2.1.3" }, { "model": "webotx", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "enterprise edition v5.1 to v5.2" }, { "model": "webotx", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "enterprise edition v6.1 to v6.5" }, { "model": "webotx", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "rfid manager enterprise v7.1" }, { "model": "webotx", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "rfid manager lite v2.0" }, { "model": "webotx", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "rfid manager standard v2.0" }, { "model": "webotx", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "standard edition v5.1 to v5.2" }, { "model": "webotx", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "standard edition v6.1 to v6.5" }, { "model": "webotx", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "standard-j edition v5.1 to v5.2" }, { "model": "webotx", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "standard-j edition v6.1 to v6.5" }, { "model": "webotx", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "web edition v5.1 to v5.2" }, { "model": "webotx", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "web edition v6.1 to v6.5" }, { "model": "webotx application server", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "v7.1" }, { "model": "webotx developer", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "\"v8.2 to v8.4 (with developers studio only )\"" }, { "model": "webotx developer", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "\"v9.1 to v9.2 (with developers studio only )\"" }, { "model": "webotx portal", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "v8.3 to v8.4" }, { "model": "webotx portal", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "v9.1" }, { "model": "integrated system ha database ready", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "business analytics modeling server" }, { "model": "interstage", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "business process manager analytics" }, { "model": "interstage", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "extreme transaction processing server" }, { "model": "interstage", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "mobile manager" }, { "model": "interstage application development cycle manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage application framework suite", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage application server", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage apworks", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage business application server", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage job workload server", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage service integrator", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage studio", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "serverview", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "resource orchestrator" }, { "model": "symfoware", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "analytics server" }, { "model": "symfoware", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "server" }, { "model": "systemwalker service catalog manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker service quality coordinator", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker software configuration manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "triole", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "cloud middle set b set" }, { "model": "cloud infrastructure management software", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "struts", "scope": "eq", "trust": 0.6, "vendor": "apache", "version": "2.3.4.1" }, { "model": "struts", "scope": "eq", "trust": 0.6, "vendor": "apache", "version": "2.3.3" }, { "model": "keybox", "scope": "eq", "trust": 0.3, "vendor": "skavanagh", "version": "2.10.02" }, { "model": "ec2box", "scope": "eq", "trust": 0.3, "vendor": "skavanagh", "version": "0.11.01" }, { "model": "mysql enterprise monitor", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "3.0.10" }, { "model": "mysql enterprise monitor", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "2.3.16" }, { "model": "mysql enterprise monitor", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "2.3.15" }, { "model": "mysql enterprise monitor", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "2.3.14" }, { "model": "mysql enterprise monitor", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "2.3.13" }, { "model": "mysql enterprise monitor", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "3.0" }, { "model": "mysql enterprise monitor", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "2.3" }, { "model": "sterling web channel", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1" }, { "model": "sterling web channel", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.0" }, { "model": "sterling selling and fulfillment foundation", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.2.1" }, { "model": "sterling selling and fulfillment foundation", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.2" }, { "model": "sterling selling and fulfillment foundation", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1" }, { "model": "sterling selling and fulfillment foundation", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.0" }, { "model": "sterling order management", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5" }, { "model": "sterling field sales", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.2.1" }, { "model": "sterling field sales", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.2.0" }, { "model": "sterling field sales", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1.0" }, { "model": "sterling field sales", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.0" }, { "model": "platform symphony", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1.1" }, { "model": "platform symphony", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1" }, { "model": "platform symphony", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.2" }, { "model": "platform hpc", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.1.1" }, { "model": "platform hpc", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.1" }, { "model": "platform hpc", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.2" }, { "model": "platform cluster manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.1.1" }, { "model": "platform cluster manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.1" }, { "model": "platform cluster manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.2" }, { "model": "platform application center", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1.2" }, { "model": "platform application center", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1.1" }, { "model": "platform application center", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1" }, { "model": "platform application center", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.3" }, { "model": "connections", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.00" }, { "model": "connections", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.0.10" }, { "model": "connections", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.0.1.1" }, { "model": "connections", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.0.1.0" }, { "model": "connections", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.0.1" }, { "model": "connections", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.0" }, { "model": "connections", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.5.0.3" }, { "model": "connections", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.5.0.2" }, { "model": "connections", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.5.0.1" }, { "model": "connections", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.5.0.0" }, { "model": "connections", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.0.1.1" }, { "model": "connections", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.0.0.0" }, { "model": "clearpass", "scope": "eq", "trust": 0.3, "vendor": "arubanetworks", "version": "6.0.2" }, { "model": "clearpass", "scope": "eq", "trust": 0.3, "vendor": "arubanetworks", "version": "6.0.1" }, { "model": "clearpass", "scope": "eq", "trust": 0.3, "vendor": "arubanetworks", "version": "6.3.0" }, { "model": "clearpass", "scope": "eq", "trust": 0.3, "vendor": "arubanetworks", "version": "6.2.0" }, { "model": "clearpass", "scope": "eq", "trust": 0.3, "vendor": "arubanetworks", "version": "6.1.3" }, { "model": "clearpass", "scope": "eq", "trust": 0.3, "vendor": "arubanetworks", "version": "6.1.0" }, { "model": "clearpass", "scope": "eq", "trust": 0.3, "vendor": "arubanetworks", "version": "5.0" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.3.41" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.2.3" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.2" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.8" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.6" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.5" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.2" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.1" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.14" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.12" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.11" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.10" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.9" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.8" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.7" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.6" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.5" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.4" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.3" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.2" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.1" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.3.15" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.3.14.3" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.3.14.2" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.3.14.1" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.3.14" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.3.1.2" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.3.1.1" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.3.1" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.2.3.1" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.4" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.3" }, { "model": "struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.13" }, { "model": "keybox", "scope": "ne", "trust": 0.3, "vendor": "skavanagh", "version": "2.10.03" }, { "model": "ec2box", "scope": "ne", "trust": 0.3, "vendor": "skavanagh", "version": "0.11.02" }, { "model": "clearpass", "scope": "ne", "trust": 0.3, "vendor": "arubanetworks", "version": "6.3.2" }, { "model": "clearpass", "scope": "ne", "trust": 0.3, "vendor": "arubanetworks", "version": "6.2.6" }, { "model": "clearpass", "scope": "ne", "trust": 0.3, "vendor": "arubanetworks", "version": "6.1.4" }, { "model": "struts", "scope": "ne", "trust": 0.3, "vendor": "apache", "version": "2.3.16.2" } ], "sources": [ { "db": "BID", "id": "67081" }, { "db": "JVNDB", "id": "JVNDB-2014-002269" }, { "db": "NVD", "id": "CVE-2014-0113" }, { "db": "CNNVD", "id": "CNNVD-201404-570" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.3.16.2", "versionStartIncluding": "2.0.0", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2014-0113" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Taki Uchiyama, Takeshi Terada, Takayoshi Isayama, Yoshiyuki Karezaki, BAKA/ty, \nShine, NSFOCUS Security Team and heige.", "sources": [ { "db": "BID", "id": "67081" } ], "trust": 0.3 }, "cve": "CVE-2014-0113", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "impactScore": 6.4, "integrityImpact": "PARTIAL", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Partial", "baseScore": 7.5, "confidentialityImpact": "Partial", "exploitabilityScore": null, "id": "CVE-2014-0113", "impactScore": null, "integrityImpact": "Partial", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.9, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2014-0113", "trust": 1.8, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201404-570", "trust": 0.6, "value": "HIGH" }, { "author": "VULMON", "id": "CVE-2014-0113", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "VULMON", "id": "CVE-2014-0113" }, { "db": "JVNDB", "id": "JVNDB-2014-002269" }, { "db": "NVD", "id": "CVE-2014-0113" }, { "db": "CNNVD", "id": "CNNVD-201404-570" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "CookieInterceptor in Apache Struts before 2.3.20, when a wildcard cookiesName value is used, does not properly restrict access to the getClass method, which allows remote attackers to \"manipulate\" the ClassLoader and execute arbitrary code via a crafted request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-0094. This vulnerability CVE-2014-0094 Vulnerability due to insufficient fix for.Through a crafted request by a third party, ClassLoader The \" operation (manipulate)\" And any code could be executed. Apache Struts is prone to a security-bypass vulnerability. \nAn attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. \nApache Struts versions 2.0.0 through 2.3.16.1 are vulnerable", "sources": [ { "db": "NVD", "id": "CVE-2014-0113" }, { "db": "JVNDB", "id": "JVNDB-2014-002269" }, { "db": "BID", "id": "67081" }, { "db": "VULMON", "id": "CVE-2014-0113" } ], "trust": 1.98 }, "exploit_availability": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=33142", "trust": 0.1, "type": "exploit" } ], "sources": [ { "db": "VULMON", "id": "CVE-2014-0113" } ] }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2014-0113", "trust": 2.8 }, { "db": "SECUNIA", "id": "59178", "trust": 1.7 }, { "db": "JVNDB", "id": "JVNDB-2014-002269", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201404-570", "trust": 0.6 }, { "db": "BID", "id": "67081", "trust": 0.3 }, { "db": "EXPLOITDB", "id": "33142", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2014-0113", "trust": 0.1 } ], "sources": [ { "db": "VULMON", "id": "CVE-2014-0113" }, { "db": "BID", "id": "67081" }, { "db": "JVNDB", "id": "JVNDB-2014-002269" }, { "db": "NVD", "id": "CVE-2014-0113" }, { "db": "CNNVD", "id": "CNNVD-201404-570" } ] }, "id": "VAR-201404-0287", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.1875 }, "last_update_date": "2023-12-18T11:41:25.261000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Security Bulletins S2-021", "trust": 0.8, "url": "https://cwiki.apache.org/confluence/display/ww/s2-021" }, { "title": "Download a Release of Apache Struts -- Full Releases Struts 2.3.16.2", "trust": 0.8, "url": "http://struts.apache.org/download.cgi#struts23162" }, { "title": "1680848", "trust": 0.8, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680848" }, { "title": "1681190", "trust": 0.8, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681190" }, { "title": "NV15-001", "trust": 0.8, "url": "http://jpn.nec.com/security-info/secinfo/nv15-001.html" }, { "title": "Text Form of Oracle Critical Patch Update - April 2015 Risk Matrices", "trust": 0.8, "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015verbose-2365613.html" }, { "title": "Oracle Critical Patch Update Advisory - April 2015", "trust": 0.8, "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html" }, { "title": "April 2015 Critical Patch Update Released", "trust": 0.8, "url": "https://blogs.oracle.com/security/entry/april_2015_critical_patch_update" }, { "title": "CVE-2014-0094 \u4ed6 \u306b\u95a2\u3059\u308b\u5f71\u97ff", "trust": 0.8, "url": "http://software.fujitsu.com/jp/security/vulnerabilities/cve2014-0094-0114.html" }, { "title": "Symfoware Server\uff08Open\u30a4\u30f3\u30bf\u30d5\u30a7\u30fc\u30b9\uff09: Struts\u306e\u8106\u5f31\u6027(CVE-2014-0094, CVE-2014-0112, CVE-2014-0113, CVE-2014-0116) (2014\u5e746\u67082\u65e5)", "trust": 0.8, "url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/symfoware_201402.html" }, { "title": "FUJITSU Integrated System HA Database Ready: Struts2\u306e\u8106\u5f31\u6027(CVE-2014-0094,CVE-2014-0112,CVE-2014-0113,CVE-2014-0116) (2014\u5e746\u670819\u65e5)", "trust": 0.8, "url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/ha_db_ready_201401.html" }, { "title": "struts-2.3.16.2-all", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=49668" }, { "title": "Red Hat: CVE-2014-0113", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2014-0113" }, { "title": "Oracle: Oracle Critical Patch Update Advisory - April 2015", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4b527561ba1a5de7a529c8a93679f585" }, { "title": "-maven-security-versions", "trust": 0.1, "url": "https://github.com/nagauker/-maven-security-versions " }, { "title": "maven-security-versions-Travis", "trust": 0.1, "url": "https://github.com/klee94/maven-security-versions-travis " }, { "title": "maven-security-versions", "trust": 0.1, "url": "https://github.com/victims/maven-security-versions " }, { "title": "victims", "trust": 0.1, "url": "https://github.com/tmpgit3000/victims " }, { "title": "victims", "trust": 0.1, "url": "https://github.com/alexsh88/victims " } ], "sources": [ { "db": "VULMON", "id": "CVE-2014-0113" }, { "db": "JVNDB", "id": "JVNDB-2014-002269" }, { "db": "CNNVD", "id": "CNNVD-201404-570" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-264", "trust": 1.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2014-002269" }, { "db": "NVD", "id": "CVE-2014-0113" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.0, "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html" }, { "trust": 2.0, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676706" }, { "trust": 1.7, "url": "https://cwiki.apache.org/confluence/display/ww/s2-021" }, { "trust": 1.7, "url": "http://secunia.com/advisories/59178" }, { "trust": 1.7, "url": "http://www.securityfocus.com/archive/1/531952/100/0/threaded" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0113" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0113" }, { "trust": 0.3, "url": "http://www.arubanetworks.com/support/alerts/aid-051414.asc" }, { "trust": 0.3, "url": "https://github.com/skavanagh/ec2box/releases/tag/v0.11.02" }, { "trust": 0.3, "url": "https://github.com/skavanagh/keybox/releases/tag/v2.10.03" }, { "trust": 0.3, "url": "http://struts.apache.org/" }, { "trust": 0.3, "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21680848" }, { "trust": 0.3, "url": "https://www-304.ibm.com/support/docview.wss?uid=isg3t1020896" }, { "trust": 0.3, "url": "https://www-304.ibm.com/support/docview.wss?uid=isg3t1020893" }, { "trust": 0.3, "url": "http://struts.apache.org/development/2.x/docs/s2-021.html" }, { "trust": 0.3, "url": "https://www-304.ibm.com/support/docview.wss?uid=isg3t1020894" }, { "trust": 0.3, "url": "https://www-304.ibm.com/support/docview.wss?uid=isg3t1020895" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/264.html" }, { "trust": 0.1, "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=33975" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://github.com/victims/maven-security-versions" }, { "trust": 0.1, "url": "https://www.exploit-db.com/exploits/33142/" } ], "sources": [ { "db": "VULMON", "id": "CVE-2014-0113" }, { "db": "BID", "id": "67081" }, { "db": "JVNDB", "id": "JVNDB-2014-002269" }, { "db": "NVD", "id": "CVE-2014-0113" }, { "db": "CNNVD", "id": "CNNVD-201404-570" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULMON", "id": "CVE-2014-0113" }, { "db": "BID", "id": "67081" }, { "db": "JVNDB", "id": "JVNDB-2014-002269" }, { "db": "NVD", "id": "CVE-2014-0113" }, { "db": "CNNVD", "id": "CNNVD-201404-570" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2014-04-29T00:00:00", "db": "VULMON", "id": "CVE-2014-0113" }, { "date": "2014-04-28T00:00:00", "db": "BID", "id": "67081" }, { "date": "2014-04-30T00:00:00", "db": "JVNDB", "id": "JVNDB-2014-002269" }, { "date": "2014-04-29T10:37:03.700000", "db": "NVD", "id": "CVE-2014-0113" }, { "date": "2014-04-30T00:00:00", "db": "CNNVD", "id": "CNNVD-201404-570" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-08-12T00:00:00", "db": "VULMON", "id": "CVE-2014-0113" }, { "date": "2015-05-07T17:38:00", "db": "BID", "id": "67081" }, { "date": "2016-08-02T00:00:00", "db": "JVNDB", "id": "JVNDB-2014-002269" }, { "date": "2019-08-12T21:15:12.563000", "db": "NVD", "id": "CVE-2014-0113" }, { "date": "2019-08-15T00:00:00", "db": "CNNVD", "id": "CNNVD-201404-570" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201404-570" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Apache Struts of CookieInterceptor In ClassLoader Vulnerability manipulated", "sources": [ { "db": "JVNDB", "id": "JVNDB-2014-002269" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "permissions and access control issues", "sources": [ { "db": "CNNVD", "id": "CNNVD-201404-570" } ], "trust": 0.6 } }
var-201405-0502
Vulnerability from variot
CookieInterceptor in Apache Struts 2.x before 2.3.20, when a wildcard cookiesName value is used, does not properly restrict access to the getClass method, which allows remote attackers to "manipulate" the ClassLoader and modify session state via a crafted request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-0113. This vulnerability CVE-2014-0113 Vulnerability due to insufficient fix for.Through a crafted request by a third party, ClassLoader The " operation " And the session state may change. Apache Struts is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Apache Struts versions 2.0.0 through 2.3.16.2 are vulnerable
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201405-0502", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "struts", "scope": "eq", "trust": 1.6, "vendor": "apache", "version": "2.3.15.2" }, { "model": "struts", "scope": "eq", "trust": 1.6, "vendor": "apache", "version": "2.3.7" }, { "model": "struts", "scope": "eq", "trust": 1.6, "vendor": "apache", "version": "2.3.15.1" }, { "model": "struts", "scope": "eq", "trust": 1.6, "vendor": "apache", "version": "2.3.4" }, { "model": "struts", "scope": "eq", "trust": 1.6, "vendor": "apache", "version": "2.3.15.3" }, { "model": "struts", "scope": "eq", "trust": 1.6, "vendor": "apache", "version": "2.3.8" }, { "model": "struts", "scope": "eq", "trust": 1.6, "vendor": "apache", "version": "2.3.3" }, { "model": "struts", "scope": "eq", "trust": 1.6, "vendor": "apache", "version": "2.3.16.2" }, { "model": "struts", "scope": "eq", "trust": 1.6, "vendor": "apache", "version": "2.3.16.1" }, { "model": "struts", "scope": "eq", "trust": 1.6, "vendor": "apache", "version": "2.3.4.1" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.0.6" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.1.8.1" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.1.5" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.3.12" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.3.14" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.3.14.2" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.2.1" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.0.9" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.3.15" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.0.11" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.0.7" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.0.5" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.1.4" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.3.1.1" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.1.0" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.2.1.1" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.1.1" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.2.3" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.0.11.2" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.0.14" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.2.3.1" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.0.11.1" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.0.10" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.0.4" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.0.3" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.0.8" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.3.14.1" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.1.8" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.1.2" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.0.2" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.0.13" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.3.16" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.0.0" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.1.6" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.3.14.3" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.0.12" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.1.3" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.0.1" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.3.1" }, { "model": "struts", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.3.1.2" }, { "model": "webotx portal", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "v9.1" }, { "model": "infocage", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "security risk management v1.0.0 to v2.1.3" }, { "model": "serverview", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "resource orchestrator" }, { "model": "interstage service integrator", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "struts", "scope": "eq", "trust": 0.8, "vendor": "apache", "version": "2.3.16.3" }, { "model": "webotx", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "web edition v5.1 to v5.2" }, { "model": "interstage application server", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage apworks", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "connections", "scope": "eq", "trust": 0.8, "vendor": "ibm", "version": "4.5" }, { "model": "systemwalker software configuration manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "infocage", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "pc security" }, { "model": "webotx application server", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "v7.1" }, { "model": "symfoware", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "analytics server" }, { "model": "interstage application framework suite", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage application development cycle manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "struts", "scope": "lt", "trust": 0.8, "vendor": "apache", "version": "2.x" }, { "model": "webotx", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "rfid manager lite v2.0" }, { "model": "interstage", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "business analytics modeling server" }, { "model": "mysql", "scope": "lte", "trust": 0.8, "vendor": "oracle", "version": "enterprise monitor 3.0.10 and earlier" }, { "model": "webotx portal", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "v8.3 to v8.4" }, { "model": "webotx", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "web edition v6.1 to v6.5" }, { "model": "webotx", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "enterprise edition v6.1 to v6.5" }, { "model": "systemwalker service catalog manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "esmpro/servermanager", "scope": "lte", "trust": 0.8, "vendor": "nec", "version": "ver5.75 and earlier" }, { "model": "cloud infrastructure management software", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "webotx", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "st ard-j edition v5.1 to v5.2" }, { "model": "connections", "scope": "eq", "trust": 0.8, "vendor": "ibm", "version": "4.0" }, { "model": "mysql", "scope": "lte", "trust": 0.8, "vendor": "oracle", "version": "enterprise monitor 2.3.16 and earlier" }, { "model": "interstage", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "business process manager analytics" }, { "model": "integrated system ha database ready", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "triole", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "cloud middle set b set" }, { "model": "webotx", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "rfid manager st ard v2.0" }, { "model": "webotx", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "st ard-j edition v6.1 to v6.5" }, { "model": "webotx", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "st ard edition v6.1 to v6.5" }, { "model": "connections", "scope": "lte", "trust": 0.8, "vendor": "ibm", "version": "3.0.1.1 and earlier" }, { "model": "interstage studio", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "webotx", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "rfid manager enterprise v7.1" }, { "model": "interstage", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "extreme transaction processing server" }, { "model": "interstage business application server", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "connections", "scope": "eq", "trust": 0.8, "vendor": "ibm", "version": "5.0" }, { "model": "webotx", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "st ard edition v5.1 to v5.2" }, { "model": "webotx developer", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "\"v8.2 to v8.4 (with developers studio only )\"" }, { "model": "interstage", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "mobile manager" }, { "model": "systemwalker service quality coordinator", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "symfoware", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "server" }, { "model": "webotx", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "enterprise edition v5.1 to v5.2" }, { "model": "webotx developer", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "\"v9.1 to v9.2 (with developers studio only )\"" }, { "model": "interstage job workload server", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.11" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.3.1.2" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.2.11" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.7" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.8" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.2" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.4" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.3" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.6" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.5" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.14" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.2.3.1" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.9" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.8" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.1" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.3.1.1" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.1" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.3" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.8.1" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.4" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.2" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.5" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.12" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.1.6" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.13" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.10" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.11.2" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.11.1" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.2.3" }, { "model": "software foundation struts", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.2" } ], "sources": [ { "db": "BID", "id": "67218" }, { "db": "JVNDB", "id": "JVNDB-2014-002411" }, { "db": "NVD", "id": "CVE-2014-0116" }, { "db": "CNNVD", "id": "CNNVD-201405-150" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:apache:struts:2.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.0.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.2.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.14:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.14.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.16:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.16.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.16.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.0.11.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.0.12:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.0.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.0.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.1.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.1.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.15:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.15.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.0.11:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.0.11.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.0.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.0.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.1.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.1.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.2.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.2.3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.14.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.14.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.0.13:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.0.14:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.0.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.0.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.1.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.1.8.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.12:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.15.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.15.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2014-0116" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Zubair Ashraf of IBM X-Force", "sources": [ { "db": "BID", "id": "67218" } ], "trust": 0.3 }, "cve": "CVE-2014-0116", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "PARTIAL", "baseScore": 5.8, "confidentialityImpact": "NONE", "exploitabilityScore": 8.6, "impactScore": 4.9, "integrityImpact": "PARTIAL", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Partial", "baseScore": 5.8, "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2014-0116", "impactScore": null, "integrityImpact": "Partial", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.9, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2014-0116", "trust": 1.8, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201405-150", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULMON", "id": "CVE-2014-0116", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "VULMON", "id": "CVE-2014-0116" }, { "db": "JVNDB", "id": "JVNDB-2014-002411" }, { "db": "NVD", "id": "CVE-2014-0116" }, { "db": "CNNVD", "id": "CNNVD-201405-150" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "CookieInterceptor in Apache Struts 2.x before 2.3.20, when a wildcard cookiesName value is used, does not properly restrict access to the getClass method, which allows remote attackers to \"manipulate\" the ClassLoader and modify session state via a crafted request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-0113. This vulnerability CVE-2014-0113 Vulnerability due to insufficient fix for.Through a crafted request by a third party, ClassLoader The \" operation \" And the session state may change. Apache Struts is prone to a security-bypass vulnerability. \nAn attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. \nApache Struts versions 2.0.0 through 2.3.16.2 are vulnerable", "sources": [ { "db": "NVD", "id": "CVE-2014-0116" }, { "db": "JVNDB", "id": "JVNDB-2014-002411" }, { "db": "BID", "id": "67218" }, { "db": "VULMON", "id": "CVE-2014-0116" } ], "trust": 1.98 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2014-0116", "trust": 2.8 }, { "db": "BID", "id": "67218", "trust": 2.0 }, { "db": "SECUNIA", "id": "59816", "trust": 1.7 }, { "db": "JVNDB", "id": "JVNDB-2014-002411", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201405-150", "trust": 0.6 }, { "db": "VULMON", "id": "CVE-2014-0116", "trust": 0.1 } ], "sources": [ { "db": "VULMON", "id": "CVE-2014-0116" }, { "db": "BID", "id": "67218" }, { "db": "JVNDB", "id": "JVNDB-2014-002411" }, { "db": "NVD", "id": "CVE-2014-0116" }, { "db": "CNNVD", "id": "CNNVD-201405-150" } ] }, "id": "VAR-201405-0502", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.1875 }, "last_update_date": "2023-12-18T12:38:15.993000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "1680848", "trust": 0.8, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680848" }, { "title": "1681190", "trust": 0.8, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681190" }, { "title": "NV15-001", "trust": 0.8, "url": "http://jpn.nec.com/security-info/secinfo/nv15-001.html" }, { "title": "Oracle Critical Patch Update Advisory - April 2015", "trust": 0.8, "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html" }, { "title": "Text Form of Oracle Critical Patch Update - April 2015 Risk Matrices", "trust": 0.8, "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015verbose-2365613.html" }, { "title": "Bug 1094558", "trust": 0.8, "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1094558" }, { "title": "Huawei-SA-20140707-01-Struts2", "trust": 0.8, "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-350733.htm" }, { "title": "April 2015 Critical Patch Update Released", "trust": 0.8, "url": "https://blogs.oracle.com/security/entry/april_2015_critical_patch_update" }, { "title": "S2-022", "trust": 0.8, "url": "http://struts.apache.org/release/2.3.x/docs/s2-022.html" }, { "title": "CVE-2014-0094 \u4ed6 \u306b\u95a2\u3059\u308b\u5f71\u97ff", "trust": 0.8, "url": "http://software.fujitsu.com/jp/security/vulnerabilities/cve2014-0094-0114.html" }, { "title": "Symfoware Server\uff08Open\u30a4\u30f3\u30bf\u30d5\u30a7\u30fc\u30b9\uff09: Struts\u306e\u8106\u5f31\u6027(CVE-2014-0094, CVE-2014-0112, CVE-2014-0113, CVE-2014-0116) (2014\u5e746\u67082\u65e5)", "trust": 0.8, "url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/symfoware_201402.html" }, { "title": "FUJITSU Integrated System HA Database Ready: Struts2\u306e\u8106\u5f31\u6027(CVE-2014-0094,CVE-2014-0112,CVE-2014-0113,CVE-2014-0116) (2014\u5e746\u670819\u65e5)", "trust": 0.8, "url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/ha_db_ready_201401.html" }, { "title": "Red Hat: CVE-2014-0116", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2014-0116" }, { "title": "Oracle: Oracle Critical Patch Update Advisory - April 2015", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4b527561ba1a5de7a529c8a93679f585" }, { "title": "-maven-security-versions", "trust": 0.1, "url": "https://github.com/nagauker/-maven-security-versions " }, { "title": "maven-security-versions-Travis", "trust": 0.1, "url": "https://github.com/klee94/maven-security-versions-travis " }, { "title": "maven-security-versions", "trust": 0.1, "url": "https://github.com/victims/maven-security-versions " }, { "title": "victims", "trust": 0.1, "url": "https://github.com/tmpgit3000/victims " }, { "title": "victims", "trust": 0.1, "url": "https://github.com/alexsh88/victims " } ], "sources": [ { "db": "VULMON", "id": "CVE-2014-0116" }, { "db": "JVNDB", "id": "JVNDB-2014-002411" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-264", "trust": 1.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2014-002411" }, { "db": "NVD", "id": "CVE-2014-0116" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.7, "url": "http://struts.apache.org/release/2.3.x/docs/s2-022.html" }, { "trust": 1.7, "url": "http://www.securityfocus.com/bid/67218" }, { "trust": 1.7, "url": "http://secunia.com/advisories/59816" }, { "trust": 1.7, "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-350733.htm" }, { "trust": 1.7, "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0116" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0116" }, { "trust": 0.3, "url": "http://struts.apache.org/" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/264.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=34163" }, { "trust": 0.1, "url": "https://github.com/victims/maven-security-versions" } ], "sources": [ { "db": "VULMON", "id": "CVE-2014-0116" }, { "db": "BID", "id": "67218" }, { "db": "JVNDB", "id": "JVNDB-2014-002411" }, { "db": "NVD", "id": "CVE-2014-0116" }, { "db": "CNNVD", "id": "CNNVD-201405-150" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULMON", "id": "CVE-2014-0116" }, { "db": "BID", "id": "67218" }, { "db": "JVNDB", "id": "JVNDB-2014-002411" }, { "db": "NVD", "id": "CVE-2014-0116" }, { "db": "CNNVD", "id": "CNNVD-201405-150" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2014-05-08T00:00:00", "db": "VULMON", "id": "CVE-2014-0116" }, { "date": "2014-05-06T00:00:00", "db": "BID", "id": "67218" }, { "date": "2014-05-09T00:00:00", "db": "JVNDB", "id": "JVNDB-2014-002411" }, { "date": "2014-05-08T10:55:02.967000", "db": "NVD", "id": "CVE-2014-0116" }, { "date": "2014-05-09T00:00:00", "db": "CNNVD", "id": "CNNVD-201405-150" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-08-12T00:00:00", "db": "VULMON", "id": "CVE-2014-0116" }, { "date": "2015-04-16T18:14:00", "db": "BID", "id": "67218" }, { "date": "2016-08-02T00:00:00", "db": "JVNDB", "id": "JVNDB-2014-002411" }, { "date": "2019-08-12T21:15:12.703000", "db": "NVD", "id": "CVE-2014-0116" }, { "date": "2019-08-15T00:00:00", "db": "CNNVD", "id": "CNNVD-201405-150" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201405-150" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Apache Struts of CookieInterceptor In ClassLoader Vulnerability manipulated", "sources": [ { "db": "JVNDB", "id": "JVNDB-2014-002411" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "permissions and access control issues", "sources": [ { "db": "CNNVD", "id": "CNNVD-201405-150" } ], "trust": 0.6 } }
var-201412-0271
Vulnerability from variot
The SSL profiles component in F5 BIG-IP LTM, APM, and ASM 10.0.0 through 10.2.4 and 11.0.0 through 11.5.1, AAM 11.4.0 through 11.5.1, AFM 11.3.0 through 11.5.1, Analytics 11.0.0 through 11.5.1, Edge Gateway, WebAccelerator, and WOM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, PEM 11.3.0 through 11.6.0, and PSM 10.0.0 through 10.2.4 and 11.0.0 through 11.4.1 and BIG-IQ Cloud and Security 4.0.0 through 4.4.0 and Device 4.2.0 through 4.4.0, when using TLS 1.x before TLS 1.2, does not properly check CBC padding bytes when terminating connections, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE). NOTE: the scope of this identifier is limited to the F5 implementation only. Other vulnerable implementations should receive their own CVE ID, since this is not a vulnerability within the design of TLS 1.x itself. The problem is CVE-2014-3566 ( alias POODLE) Similar problem. TLS is a new protocol developed by the IETF (Engineering Task Force). It is based on the SSL protocol specification and is the subsequent version of SSL. The Secure Transport Layer Protocol (TLS) is used to provide confidentiality and data integrity between two communication applications.
TLS has security vulnerabilities that mainly affect browsers. Because TLS1.2 failed to correctly verify PADDING, even if the attacker did not first downgrade to SSL3.0, he could use TLS1.2 to bypass the transport layer encryption mechanism by using man-in-the-middle attack methods to steal the user's sensitive information, such as cookies , Account information, etc. Note: This issue was previously titled 'OpenSSL CVE-2014-8730 Man In The Middle Information Disclosure Vulnerability'. The title and technical details have been changed to better reflect the underlying component affected. An attacker can exploit this issue to perform man-in-the-middle attacks and obtain sensitive information. Successful exploits will lead to other attacks. F5 BIG-IP LTM, etc. LTM is a local traffic manager; APM is a solution that provides secure unified access to business-critical applications and networks. The following products and versions are affected: F5 BIG-IP LTM, APM, ASM version 10.0.0 to 10.2.4 and 11.0.0 to 11.5.1, AAM version 11.4.0 to 11.5.1, AFM 11.3. 0 to 11.5.1, Analytics 11.0.0 to 11.5.1, Edge Gateway, WebAccelerator, WOM 10.1.0 to 10.2.4 and 11.0.0 to 11.3.0, PEM 11.3.0 to 11.6.0, PSM 10.0.0 to 10.2.4 and 11.0.0 to 11.4.1, BIG-IQ Cloud, Security 4.0.0 to 4.4.0, Device 4.2.0 to 4.4 .0 version. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Note: the current version of the following document is available here: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04819635
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04819635 Version: 1
HPSBPV03516 rev.1 - HP VAN SDN Controller, Multiple Vulnerabilities
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2015-09-29 Last Updated: 2015-09-29
Potential Security Impact: Disclosure of Privileged Information, Remote Disclosure of Privileged Information
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY A potential security vulnerability has been identified with the HP VAN SDN Controller running SSLv3. This is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "Poodle", which could be exploited remotely resulting in disclosure of privileged information.
References:
CVE-2014-8730 SSRT102263
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
VAN SDN Controller 2.5.21 VAN SDN Controller 2.5.15
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2014-8730 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP recommends disabling TLS v1.0 by deleting its entry in sslEnabledProtocols in the client Auth properties of the /opt/sdn/virgo/configuration/tomcat-server.xml file.
Open the /opt/sdn/virgo/configuration/tomcat-server.xml file for editing Change the following line from this: clientAuth="false" sslEnabledProtocols="TLSv1.0, TLSv1.1,TLSv1.2" to this: clientAuth="false" sslEnabledProtocols=" TLSv1.1,TLSv1.2" Restart the controller.
HISTORY Version:1 (rev.1) - 29 September 2015 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2015 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux)
iEYEARECAAYFAlYKlgkACgkQ4B86/C0qfVmdggCg40wxxeG+Op+gBFzLBG9neKCo bW4AnjzTddq/rpaQfITkTvhg7DUpT9f5 =Px26 -----END PGP SIGNATURE-----
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201412-0271", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "big-ip local traffic manager", "scope": "eq", "trust": 1.6, "vendor": "f5", "version": "10.0.1" }, { "model": "big-ip local traffic manager", "scope": "eq", "trust": 1.6, "vendor": "f5", "version": "10.2.3" }, { "model": "big-ip local traffic manager", "scope": "eq", "trust": 1.6, "vendor": "f5", "version": "10.0.0" }, { "model": "big-ip local traffic manager", "scope": "eq", "trust": 1.6, "vendor": "f5", "version": "11.1.0" }, { "model": "big-ip local traffic manager", "scope": "eq", "trust": 1.6, "vendor": "f5", "version": "10.2.1" }, { "model": "big-ip local traffic manager", "scope": "eq", "trust": 1.6, "vendor": "f5", "version": "10.1.0" }, { "model": "big-ip local traffic manager", "scope": "eq", "trust": 1.6, "vendor": "f5", "version": "10.2.2" }, { "model": "big-ip local traffic manager", "scope": "eq", "trust": 1.6, "vendor": "f5", "version": "11.0.0" }, { "model": "big-ip local traffic manager", "scope": "eq", "trust": 1.6, "vendor": "f5", "version": "10.2.4" }, { "model": "big-ip local traffic manager", "scope": "eq", "trust": 1.6, "vendor": "f5", "version": "10.2.0" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 1.3, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 1.3, "vendor": "f5", "version": "10.2.1" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 1.3, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 1.3, "vendor": "f5", "version": "10.2.4" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 1.3, "vendor": "f5", "version": "10.2.2" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 1.3, "vendor": "f5", "version": "10.2.1" }, { "model": "big-ip analytics", "scope": "eq", "trust": 1.3, "vendor": "f5", "version": "11.5.1" }, { "model": "big-ip analytics", "scope": "eq", "trust": 1.3, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip analytics", "scope": "eq", "trust": 1.3, "vendor": "f5", "version": "11.1.0" }, { "model": "big-ip analytics", "scope": "eq", "trust": 1.3, "vendor": "f5", "version": "11.0.0" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.3.0" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.3.0" }, { "model": "big-ip advanced firewall manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.4.0" }, { "model": "big-iq device", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "4.4.0" }, { "model": "big-ip wan optimization manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.0.0" }, { "model": "big-iq device", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "4.3.0" }, { "model": "big-ip application security manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.4" }, { "model": "big-iq device", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "4.2.0" }, { "model": "big-ip access policy manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.4.0" }, { "model": "big-ip application security manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.0" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.1.0" }, { "model": "big-ip local traffic manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.4.0" }, { "model": "big-iq cloud", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "4.0.0" }, { "model": "big-ip protocol security module", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.4.0" }, { "model": "big-ip application acceleration manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.4.0" }, { "model": "big-ip wan optimization manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.4" }, { "model": "big-ip policy enforcement manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.4.1" }, { "model": "big-ip protocol security module", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.0.1" }, { "model": "big-ip application acceleration manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.6.0" }, { "model": "big-ip wan optimization manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.0" }, { "model": "big-ip access policy manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.3" }, { "model": "big-ip policy enforcement manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.5.0" }, { "model": "big-iq cloud", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "4.4.0" }, { "model": "big-ip access policy manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.5.1" }, { "model": "big-ip protocol security module", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.3" }, { "model": "big-ip protocol security module", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.0.0" }, { "model": "big-ip local traffic manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.5.1" }, { "model": "big-iq security", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "4.1.0" }, { "model": "big-ip access policy manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.2.0" }, { "model": "big-ip access policy manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.2" }, { "model": "big-ip application security manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.4.0" }, { "model": "big-ip application acceleration manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.5.1" }, { "model": "big-ip local traffic manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.2.0" }, { "model": "big-ip application security manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.0.1" }, { "model": "big-ip protocol security module", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.2.0" }, { "model": "big-ip advanced firewall manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.5.0" }, { "model": "big-ip access policy manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.5.0" }, { "model": "big-ip application security manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.0.0" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.1.0" }, { "model": "big-ip application security manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.3" }, { "model": "big-ip wan optimization manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.0.1" }, { "model": "big-ip access policy manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.3.0" }, { "model": "big-ip application security manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.5.1" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.0.0" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.0.0" }, { "model": "big-ip local traffic manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.3.0" }, { "model": "big-ip access policy manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip application acceleration manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.5.0" }, { "model": "big-ip application security manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.2.0" }, { "model": "big-ip protocol security module", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.3.0" }, { "model": "big-ip analytics", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.4.1" }, { "model": "big-ip local traffic manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip policy enforcement manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.4.0" }, { "model": "big-ip wan optimization manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.3" }, { "model": "big-ip wan optimization manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.0.0" }, { "model": "big-ip protocol security module", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip access policy manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.1.0" }, { "model": "big-ip policy enforcement manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.6.0" }, { "model": "big-ip wan optimization manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.1.0" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.4" }, { "model": "big-ip protocol security module", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.1.0" }, { "model": "big-ip wan optimization manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.2" }, { "model": "big-ip wan optimization manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.2.0" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.0" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.0" }, { "model": "big-ip analytics", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.3.0" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.1.0" }, { "model": "big-ip application security manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.3.0" }, { "model": "big-ip policy enforcement manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.5.1" }, { "model": "big-iq security", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "4.4.0" }, { "model": "big-ip application security manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.2.1" }, { "model": "big-iq security", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "4.3.0" }, { "model": "big-iq security", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "4.2.0" }, { "model": "big-ip application security manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.1.0" }, { "model": "big-ip wan optimization manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.3.0" }, { "model": "big-ip wan optimization manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip advanced firewall manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.5.1" }, { "model": "big-ip access policy manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.1" }, { "model": "big-ip analytics", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.4.0" }, { "model": "big-ip wan optimization manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.1.0" }, { "model": "big-ip protocol security module", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.1" }, { "model": "big-ip policy enforcement manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.3.0" }, { "model": "big-ip access policy manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.1.0" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.0.1" }, { "model": "big-ip advanced firewall manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.4.1" }, { "model": "big-iq cloud", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "4.3.0" }, { "model": "big-iq cloud", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "4.2.0" }, { "model": "big-ip access policy manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.0.0" }, { "model": "big-ip protocol security module", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.1.0" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.3" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.3" }, { "model": "big-ip protocol security module", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.2" }, { "model": "big-ip local traffic manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.4.1" }, { "model": "big-ip protocol security module", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.0.0" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.0.0" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.1.0" }, { "model": "big-ip protocol security module", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.4.1" }, { "model": "big-iq cloud", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "4.1.0" }, { "model": "big-ip application acceleration manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.4.1" }, { "model": "big-ip advanced firewall manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.3.0" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.2.0" }, { "model": "big-ip access policy manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.4" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.2" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.2.0" }, { "model": "big-ip application security manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.1" }, { "model": "big-ip analytics", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.2.0" }, { "model": "big-ip access policy manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.0" }, { "model": "big-ip application security manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.1.0" }, { "model": "big-ip protocol security module", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.4" }, { "model": "big-ip application security manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.2" }, { "model": "big-ip protocol security module", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.0" }, { "model": "big-ip application security manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.0.0" }, { "model": "big-ip wan optimization manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "10.2.1" }, { "model": "big-iq security", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "4.0.0" }, { "model": "big-ip application security manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.4.1" }, { "model": "big-ip analytics", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "11.5.0" }, { "model": "big-ip access policy manager", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "10.1.0 to 10.2.4" }, { "model": "big-ip access policy manager", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "11.0.0 to 11.5.1" }, { "model": "big-ip advanced firewall manager", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "11.3.0 to 11.5.1" }, { "model": "big-ip analytics", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "11.0.0 to 11.5.1" }, { "model": "big-ip application acceleration manager", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "11.4.0 to 11.5.1" }, { "model": "big-ip application security manager", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "10.0.0 to 10.2.4" }, { "model": "big-ip application security manager", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "11.0.0 to 11.5.1" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "10.1.0 to 10.2.4" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "11.0.0 to 11.3.0" }, { "model": "big-ip local traffic manager", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "10.0.0 to 10.2.4" }, { "model": "big-ip local traffic manager", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "11.0.0 to 11.5.1" }, { "model": "big-ip policy enforcement manager", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "11.3.0 to 11.6.0" }, { "model": "big-ip protocol security module", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "10.0.0 to 10.2.4" }, { "model": "big-ip protocol security module", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "11.0.0 to 11.4.1" }, { "model": "big-ip wan optimization manager", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "10.0.0 to 10.2.4" }, { "model": "big-ip wan optimization manager", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "11.0.0 to 11.3.0" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "10.0.0 to 10.2.4" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "11.0.0 to 11.3.0" }, { "model": "big-iq cloud", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "4.0.0 to 4.4.0" }, { "model": "big-iq device", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "4.2.0 to 4.4.0" }, { "model": "big-iq security", "scope": "eq", "trust": 0.8, "vendor": "f5", "version": "4.0.0 to 4.4.0" }, { "model": "internet navigware e-learning pack", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "internet navigware enterprise lms server", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage application server", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage apworks", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage business application manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage studio", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage web server", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage web server express", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "safeauthor", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "serverview", "scope": "eq", "trust": 0.8, "vendor": "fujitsu", "version": "resource orchestrator cloud edition" }, { "model": "systemwalker centric manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker desktop inspection", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker desktop keeper", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker desktop patrol", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker it change manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker operation manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker runbook automation", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker security control", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker service catalog manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker software configuration manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "cloud infrastructure management software", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "tls", "scope": "eq", "trust": 0.6, "vendor": "f5", "version": "1.2" }, { "model": "pan-os", "scope": "eq", "trust": 0.3, "vendor": "paloaltonetworks", "version": "6.1.1" }, { "model": "pan-os", "scope": "eq", "trust": 0.3, "vendor": "paloaltonetworks", "version": "6.1" }, { "model": "pan-os", "scope": "eq", "trust": 0.3, "vendor": "paloaltonetworks", "version": "6.0.7" }, { "model": "pan-os", "scope": "eq", "trust": 0.3, "vendor": "paloaltonetworks", "version": "6.0.6" }, { "model": "pan-os", "scope": "eq", "trust": 0.3, "vendor": "paloaltonetworks", "version": "5.0.15" }, { "model": "pan-os", "scope": "eq", "trust": 0.3, "vendor": "paloaltonetworks", "version": "5.0.14" }, { "model": "pan-os", "scope": "eq", "trust": 0.3, "vendor": "paloaltonetworks", "version": "5.0.5" }, { "model": "pan-os", "scope": "eq", "trust": 0.3, "vendor": "paloaltonetworks", "version": "5.0.2" }, { "model": "pan-os", "scope": "eq", "trust": 0.3, "vendor": "paloaltonetworks", "version": "5.0.4" }, { "model": "pan-os", "scope": "eq", "trust": 0.3, "vendor": "paloaltonetworks", "version": "5.0.3" }, { "model": "pan-os", "scope": "eq", "trust": 0.3, "vendor": "paloaltonetworks", "version": "5.0.0" }, { "model": "sa700", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "0" }, { "model": "sa6500", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "0" }, { "model": "sa6000", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "0" }, { "model": "sa4500", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "0" }, { "model": "sa4000", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "0" }, { "model": "sa2500", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "0" }, { "model": "sa2000", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "0" }, { "model": "mag6611", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "0" }, { "model": "mag6610", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "0" }, { "model": "mag4610", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "0" }, { "model": "mag2600", "scope": "eq", "trust": 0.3, "vendor": "juniper", "version": "0" }, { "model": "txseries for multiplatforms", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.2" }, { "model": "txseries for multiplatforms", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.1" }, { "model": "txseries for multiplatforms", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "tpf toolkit", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.2" }, { "model": "tpf toolkit", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.0.3" }, { "model": "tpf toolkit", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.0.2" }, { "model": "tpf toolkit", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.0.1" }, { "model": "tpf toolkit", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.0" }, { "model": "tpf toolkit", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.6.5" }, { "model": "tpf toolkit", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.6.4" }, { "model": "tpf toolkit", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.6.3" }, { "model": "tpf toolkit", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.6.2" }, { "model": "tpf toolkit", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.6.1" }, { "model": "tpf toolkit", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.6" }, { "model": "tpf toolkit", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.2.1" }, { "model": "tpf toolkit", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.0.4" }, { "model": "tivoli system automation for multiplatforms", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.2.2.6" }, { "model": "tivoli service request manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.2" }, { "model": "tivoli service request manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "tivoli monitoring for virtual environments", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.2" }, { "model": "tivoli monitoring", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.31" }, { "model": "tivoli monitoring", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.3.0" }, { "model": "tivoli endpoint manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1" }, { "model": "tivoli endpoint manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.0.0" }, { "model": "tivoli directory server", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.3" }, { "model": "tivoli directory server", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.2" }, { "model": "tivoli directory server", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1" }, { "model": "tivoli directory server", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.0" }, { "model": "tivoli asset management for it", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.2" }, { "model": "tivoli asset management for it", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "tivoli access manager for e-business", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1.1" }, { "model": "tivoli access manager for e-business", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1" }, { "model": "tivoli access manager for e-business", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.0" }, { "model": "spss modeler", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "16.0" }, { "model": "smartcloud provisioning for software virtual appliance", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.1" }, { "model": "smartcloud provisioning", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.13" }, { "model": "smartcloud provisioning", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.12" }, { "model": "smartcloud provisioning ifix2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.3.01" }, { "model": "smartcloud provisioning ifix6", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.3.0.1" }, { "model": "smartcloud provisioning ifix1", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.3.0.1" }, { "model": "smartcloud provisioning", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.3.0.1" }, { "model": "smartcloud provisioning", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.3" }, { "model": "smartcloud provisioning", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.1.0.5" }, { "model": "smartcloud provisioning", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.1.0.4" }, { "model": "smartcloud provisioning", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.1.0.1" }, { "model": "smartcloud provisioning", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.1" }, { "model": "smartcloud provisioning", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.2" }, { "model": "smartcloud orchestrator fp1 ifix6", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.3" }, { "model": "smartcloud orchestrator fp1 ifix5", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.3" }, { "model": "smartcloud orchestrator fp1 ifix4", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.3" }, { "model": "smartcloud orchestrator fp1", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.3" }, { "model": "smartcloud orchestrator", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.3" }, { "model": "smartcloud orchestrator fp1", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2" }, { "model": "smartcloud orchestrator", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2" }, { "model": "smartcloud cost management", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.1.0.3" }, { "model": "smartcloud cost management", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.1.0.2" }, { "model": "smartcloud control desk", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.5" }, { "model": "security directory server", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.3.1" }, { "model": "security access manager for web", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.1" }, { "model": "security access manager for web", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.02" }, { "model": "security access manager for web", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.0" }, { "model": "security access manager for web", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.0.5" }, { "model": "security access manager for web", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.0.4" }, { "model": "security access manager for web", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.0.2" }, { "model": "security access manager for web", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0" }, { "model": "security access manager for web", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.0" }, { "model": "security access manager for web", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1.1" }, { "model": "security access manager for web", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1.0" }, { "model": "security access manager for mobile", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.0.5" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.41" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.4" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.38" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.37" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.35" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.34" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.33" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.32" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.31" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.3" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.211" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.210" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.18" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.17" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.16" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.4.6" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.4.3" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.3.6" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.3.10" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.9" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.8" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.7" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.6" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.5" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.4" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.3" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.2" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.13" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.12" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.1" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1.9" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1.5" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1.4" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1.3" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1.2" }, { "model": "rational requisitepro", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1.1" }, { "model": "rational doors web access", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.61" }, { "model": "rational doors web access", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.5.21" }, { "model": "rational doors web access", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.5.2" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.5.2" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.5.12" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.5.11" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.5.1" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.51" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.41" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.37" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.36" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.35" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.34" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.33" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.32" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.31" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.6.1.0" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.6.0.1" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.6" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.5.2.2" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.5.2.1" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.5.1.3" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.5.0.2" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.4.0.2" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.4" }, { "model": "rational doors", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.3.0.8" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.13" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.1" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.010" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.213" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.211" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.18" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.1.6" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.1.5" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.1.4" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.1.2" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.1.1" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.0.9" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.0.8" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.0.7" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.0.5" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.0.4" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.0.3" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.0.2" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.0.13" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.0.12" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.0.11" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.0.1" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.06" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.9" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.8" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.7" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.6" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.5" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.4" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.3" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.2" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.16" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.15" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.14" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.12" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.10" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2.1" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1.9" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1.7" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1.6" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1.5" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1.4" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1.3" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1.2" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1.1" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.0.2" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.0.1" }, { "model": "rational clearquest", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "pureapplication system", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.1" }, { "model": "pureapplication system", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.0" }, { "model": "pureapplication system", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1" }, { "model": "maximo for utilities", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.5" }, { "model": "maximo for utilities", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "maximo for transportation", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.5" }, { "model": "maximo for transportation", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "maximo for oil and gas", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.5" }, { "model": "maximo for oil and gas", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "maximo for nuclear power", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.5" }, { "model": "maximo for nuclear power", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "maximo for life sciences", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.5" }, { "model": "maximo for life sciences", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "maximo for government", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.5" }, { "model": "maximo for government", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "maximo asset management essentials", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.5" }, { "model": "maximo asset management essentials", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "maximo asset management", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.6" }, { "model": "maximo asset management", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.5" }, { "model": "maximo asset management", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "http server", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.0.2" }, { "model": "http server", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.5" }, { "model": "http server", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5" }, { "model": "http server", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0" }, { "model": "http server", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.0" }, { "model": "http server", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1.0" }, { "model": "domino fp if", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.0.122" }, { "model": "domino fp if", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.0.121" }, { "model": "domino fp if4", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.36" }, { "model": "domino fp if", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.365" }, { "model": "domino fp if", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.242" }, { "model": "domino fp if", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.152" }, { "model": "domino if", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.06" }, { "model": "db2 enterprise server edition", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.1" }, { "model": "data server runtime client", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.7" }, { "model": "data server runtime client", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.5" }, { "model": "data server runtime client", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.5" }, { "model": "data server runtime client", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.1" }, { "model": "data server driver package", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.7" }, { "model": "data server driver package", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.5" }, { "model": "data server driver package", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.5" }, { "model": "data server driver package", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.1" }, { "model": "data server driver for odbc and cli", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.7" }, { "model": "data server driver for odbc and cli", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.5" }, { "model": "data server driver for odbc and cli", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.5" }, { "model": "data server driver for odbc and cli", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.1" }, { "model": "data server client", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.7" }, { "model": "data server client", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.5" }, { "model": "data server client", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.5" }, { "model": "data server client", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.1" }, { "model": "cloud manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.2" }, { "model": "cloud manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.2.0.1" }, { "model": "change and configuration management database", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.2" }, { "model": "change and configuration management database", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "business process manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.1" }, { "model": "business process manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5" }, { "model": "api management", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.0" }, { "model": "api management", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.0" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "5.2.2" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "5.0.9" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "5.0.8" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "5.0.7" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "5.0.3" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "5.0.2" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "5.0.1" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "4.7.7" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "4.3.17" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "4.3.15" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "4.3.10" }, { "model": "fortios b0630", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "4.3.8" }, { "model": "fortios b0537", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "4.3.8" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "4.3.8" }, { "model": "fortios beta", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "3.0" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "3.0" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "2.80" }, { "model": "fortios mr5", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "2.50" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "2.50" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "2.36" }, { "model": "fortios mr10", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "2.8" }, { "model": "fortios 0mr4", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "2.5" }, { "model": "fortios build", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "5.2.0589" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "5.2.0" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "5.0.6" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "5.0.5" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "5.0.4" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "5.0.0" }, { "model": "fortios b064", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "5.0" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "5.0" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "4.3.18" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "4.3.16" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "4.3.14" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "4.3.13" }, { "model": "fortios", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "4.3.12" }, { "model": "fortios mr2", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "3.0" }, { "model": "fortios mr1", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "3.0" }, { "model": "fortios mr12", "scope": "eq", "trust": 0.3, "vendor": "fortinet", "version": "2.80" }, { "model": "big-iq security", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.4" }, { "model": "big-iq security", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.3" }, { "model": "big-iq security", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.2" }, { "model": "big-iq security", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.1" }, { "model": "big-iq security", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.0" }, { "model": "big-iq device", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.4" }, { "model": "big-iq device", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.3" }, { "model": "big-iq device", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.2" }, { "model": "big-iq device", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.5" }, { "model": "big-iq cloud", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.4" }, { "model": "big-iq cloud", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.3" }, { "model": "big-iq cloud", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.2" }, { "model": "big-iq cloud", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.1" }, { "model": "big-iq cloud", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.0" }, { "model": "big-ip wom", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2" }, { "model": "big-ip wom", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.0" }, { "model": "big-ip wom", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.4" }, { "model": "big-ip wom", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.2" }, { "model": "big-ip wom", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.1" }, { "model": "big-ip wom", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.0" }, { "model": "big-ip wom", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.3.0" }, { "model": "big-ip wom", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.1.0" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.00" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.3" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.1" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.0" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.0" }, { "model": "big-ip wan optimization module", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.3" }, { "model": "big-ip wan optimization module", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.1.0" }, { "model": "big-ip wan optimization module", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.0.0" }, { "model": "big-ip psm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.4.1" }, { "model": "big-ip psm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.3" }, { "model": "big-ip psm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2" }, { "model": "big-ip psm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.1" }, { "model": "big-ip psm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.0" }, { "model": "big-ip psm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.4" }, { "model": "big-ip psm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.1" }, { "model": "big-ip psm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.0" }, { "model": "big-ip psm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip pem", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5.1" }, { "model": "big-ip pem", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5" }, { "model": "big-ip pem", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.3" }, { "model": "big-ip pem", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.6.0" }, { "model": "big-ip pem", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.4.1" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5.1" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.0" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.4" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.2" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.0" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.4.1" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.3.0" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.1.0" }, { "model": "big-ip ltm hf4", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.4" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.1" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5.1" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.1" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.0" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.1" }, { "model": "big-ip edge gateway hf4", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.4" }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.00" }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.0.00" }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.40" }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.0.00" }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5.1" }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5" }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.2" }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.1" }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.1.0" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5.1" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.0" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.4" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.2" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.0" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5.0" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.4.0" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.3.0" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.1.0" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.1" }, { "model": "big-ip analytics", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5" }, { "model": "big-ip analytics", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.3" }, { "model": "big-ip analytics", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2" }, { "model": "big-ip afm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5.1" }, { "model": "big-ip afm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5" }, { "model": "big-ip afm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.3" }, { "model": "big-ip afm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.4.1" }, { "model": "big-ip aam", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5.1" }, { "model": "big-ip aam", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5" }, { "model": "big-ip aam", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.4.0" }, { "model": "big-ip", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5.1" }, { "model": "big-ip hf3", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip hf3", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2" }, { "model": "big-ip", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2" }, { "model": "big-ip", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.3.0.39.0" }, { "model": "ace application control engine module", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "adaptive security appliance software", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "point software secureplatform os r77.20", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software secureplatform os r77.10", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software secureplatform os r77", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software secureplatform os r76", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software secureplatform os r75.47", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software secureplatform os r75.46", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software secureplatform os r75.45", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software secureplatform os r75.40vs", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software secureplatform os r75.40", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software secureplatform os r75.30", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software secureplatform os r75.20", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software secureplatform os r75.10", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software secureplatform os r75", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software gaia os r77.20", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software gaia os r77.10", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software gaia os r77", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software gaia os r76", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software gaia os r75.47", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software gaia os r75.46", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software gaia os r75.45", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software gaia os r75.40vs", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software gaia os r75.40", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software gaia os r75.30", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software gaia os r75.20", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software gaia os r75.10", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software gaia os r75", "scope": null, "trust": 0.3, "vendor": "check", "version": null }, { "model": "point software check point ipso", "scope": "eq", "trust": 0.3, "vendor": "check", "version": "6.2" }, { "model": "networks adc 2.7.2-p3", "scope": null, "trust": 0.3, "vendor": "a10", "version": null }, { "model": "networks adc 2.7.1-p5", "scope": null, "trust": 0.3, "vendor": "a10", "version": null }, { "model": "networks adc 2.7.0-p6", "scope": null, "trust": 0.3, "vendor": "a10", "version": null }, { "model": "networks adc 2.6.1-gr1", "scope": null, "trust": 0.3, "vendor": "a10", "version": null }, { "model": "smartcloud provisioning ifix", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "2.3.0.17" }, { "model": "smartcloud orchestrator fp1 ifix7", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "2.3" }, { "model": "rational doors", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "9.6.1.1" }, { "model": "rational doors", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "9.6.0.2" }, { "model": "rational doors", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "9.5.2.3" }, { "model": "rational doors", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "9.5.1.4" }, { "model": "rational doors", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "9.5.0.3" }, { "model": "rational doors", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "9.4.0.3" }, { "model": "rational doors", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "9.3.0.9" }, { "model": "fortios", "scope": "ne", "trust": 0.3, "vendor": "fortinet", "version": "5.2.3" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2014-08824" }, { "db": "BID", "id": "71549" }, { "db": "JVNDB", "id": "JVNDB-2014-005869" }, { "db": "NVD", "id": "CVE-2014-8730" }, { "db": "CNNVD", "id": "CNNVD-201412-189" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:10.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:10.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:11.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:10.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:11.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:11.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:f5:big-iq_security:4.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-iq_security:4.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-iq_security:4.4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-iq_security:4.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-iq_security:4.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_edge_gateway:10.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_edge_gateway:11.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_edge_gateway:11.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_edge_gateway:11.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:f5:big-iq_device:4.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-iq_device:4.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-iq_device:4.4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:11.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:11.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:10.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:11.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:10.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:10.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:11.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:11.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:11.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:11.4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:11.4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:11.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:11.5.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:f5:big-iq_cloud:4.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-iq_cloud:4.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-iq_cloud:4.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-iq_cloud:4.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-iq_cloud:4.4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2014-8730" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Adam Langley", "sources": [ { "db": "BID", "id": "71549" } ], "trust": 0.3 }, "cve": "CVE-2014-8730", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "impactScore": 2.9, "integrityImpact": "NONE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "None", "baseScore": 4.3, "confidentialityImpact": "Partial", "exploitabilityScore": null, "id": "CVE-2014-8730", "impactScore": null, "integrityImpact": "None", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "CNVD-2014-08824", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "VHN-76675", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2014-8730", "trust": 1.8, "value": "MEDIUM" }, { "author": "CNVD", "id": "CNVD-2014-08824", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201412-189", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-76675", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2014-08824" }, { "db": "VULHUB", "id": "VHN-76675" }, { "db": "JVNDB", "id": "JVNDB-2014-005869" }, { "db": "NVD", "id": "CVE-2014-8730" }, { "db": "CNNVD", "id": "CNNVD-201412-189" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "The SSL profiles component in F5 BIG-IP LTM, APM, and ASM 10.0.0 through 10.2.4 and 11.0.0 through 11.5.1, AAM 11.4.0 through 11.5.1, AFM 11.3.0 through 11.5.1, Analytics 11.0.0 through 11.5.1, Edge Gateway, WebAccelerator, and WOM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, PEM 11.3.0 through 11.6.0, and PSM 10.0.0 through 10.2.4 and 11.0.0 through 11.4.1 and BIG-IQ Cloud and Security 4.0.0 through 4.4.0 and Device 4.2.0 through 4.4.0, when using TLS 1.x before TLS 1.2, does not properly check CBC padding bytes when terminating connections, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE). NOTE: the scope of this identifier is limited to the F5 implementation only. Other vulnerable implementations should receive their own CVE ID, since this is not a vulnerability within the design of TLS 1.x itself. The problem is CVE-2014-3566 ( alias POODLE) Similar problem. TLS is a new protocol developed by the IETF (Engineering Task Force). It is based on the SSL protocol specification and is the subsequent version of SSL. The Secure Transport Layer Protocol (TLS) is used to provide confidentiality and data integrity between two communication applications. \r\n\r\n\r\nTLS has security vulnerabilities that mainly affect browsers. Because TLS1.2 failed to correctly verify PADDING, even if the attacker did not first downgrade to SSL3.0, he could use TLS1.2 to bypass the transport layer encryption mechanism by using man-in-the-middle attack methods to steal the user\u0027s sensitive information, such as cookies , Account information, etc. \nNote: This issue was previously titled \u0027OpenSSL CVE-2014-8730 Man In The Middle Information Disclosure Vulnerability\u0027. The title and technical details have been changed to better reflect the underlying component affected. \nAn attacker can exploit this issue to perform man-in-the-middle attacks and obtain sensitive information. Successful exploits will lead to other attacks. F5 BIG-IP LTM, etc. LTM is a local traffic manager; APM is a solution that provides secure unified access to business-critical applications and networks. The following products and versions are affected: F5 BIG-IP LTM, APM, ASM version 10.0.0 to 10.2.4 and 11.0.0 to 11.5.1, AAM version 11.4.0 to 11.5.1, AFM 11.3. 0 to 11.5.1, Analytics 11.0.0 to 11.5.1, Edge Gateway, WebAccelerator, WOM 10.1.0 to 10.2.4 and 11.0.0 to 11.3.0, PEM 11.3.0 to 11.6.0, PSM 10.0.0 to 10.2.4 and 11.0.0 to 11.4.1, BIG-IQ Cloud, Security 4.0.0 to 4.4.0, Device 4.2.0 to 4.4 .0 version. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hpe.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c04819635\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c04819635\nVersion: 1\n\nHPSBPV03516 rev.1 - HP VAN SDN Controller, Multiple Vulnerabilities\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2015-09-29\nLast Updated: 2015-09-29\n\nPotential Security Impact: Disclosure of Privileged Information, Remote\nDisclosure of Privileged Information\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nA potential security vulnerability has been identified with the HP VAN SDN\nController running SSLv3. This is the SSLv3 vulnerability known as \"Padding\nOracle on Downgraded Legacy Encryption\" also known as \"Poodle\", which could\nbe exploited remotely resulting in disclosure of privileged information. \n\nReferences:\n\nCVE-2014-8730\nSSRT102263\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \n\nVAN SDN Controller 2.5.21\nVAN SDN Controller 2.5.15\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2014-8730 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP recommends disabling TLS v1.0 by deleting its entry in sslEnabledProtocols\nin the client Auth properties of the\n/opt/sdn/virgo/configuration/tomcat-server.xml file. \n\nOpen the /opt/sdn/virgo/configuration/tomcat-server.xml file for editing\nChange the following line from this: clientAuth=\"false\"\nsslEnabledProtocols=\"TLSv1.0, TLSv1.1,TLSv1.2\" to this: clientAuth=\"false\"\nsslEnabledProtocols=\" TLSv1.1,TLSv1.2\"\nRestart the controller. \n\nHISTORY\nVersion:1 (rev.1) - 29 September 2015 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2015 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.13 (GNU/Linux)\n\niEYEARECAAYFAlYKlgkACgkQ4B86/C0qfVmdggCg40wxxeG+Op+gBFzLBG9neKCo\nbW4AnjzTddq/rpaQfITkTvhg7DUpT9f5\n=Px26\n-----END PGP SIGNATURE-----\n", "sources": [ { "db": "NVD", "id": "CVE-2014-8730" }, { "db": "JVNDB", "id": "JVNDB-2014-005869" }, { "db": "CNVD", "id": "CNVD-2014-08824" }, { "db": "BID", "id": "71549" }, { "db": "VULHUB", "id": "VHN-76675" }, { "db": "PACKETSTORM", "id": "133815" }, { "db": "PACKETSTORM", "id": "139063" } ], "trust": 2.7 }, "exploit_availability": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "reference": "https://www.scap.org.cn/vuln/vhn-76675", "trust": 0.1, "type": "unknown" } ], "sources": [ { "db": "VULHUB", "id": "VHN-76675" } ] }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2014-8730", "trust": 3.6 }, { "db": "OPENWALL", "id": "OSS-SECURITY/2014/12/09/27", "trust": 1.7 }, { "db": "SECUNIA", "id": "62167", "trust": 1.1 }, { "db": "SECUNIA", "id": "62388", "trust": 1.1 }, { "db": "SECUNIA", "id": "62224", "trust": 1.1 }, { "db": "BID", "id": "71549", "trust": 1.0 }, { "db": "JVNDB", "id": "JVNDB-2014-005869", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201412-189", "trust": 0.7 }, { "db": "CNVD", "id": "CNVD-2014-08824", "trust": 0.6 }, { "db": "PACKETSTORM", "id": "133815", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-76675", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "139063", "trust": 0.1 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2014-08824" }, { "db": "VULHUB", "id": "VHN-76675" }, { "db": "BID", "id": "71549" }, { "db": "JVNDB", "id": "JVNDB-2014-005869" }, { "db": "PACKETSTORM", "id": "133815" }, { "db": "PACKETSTORM", "id": "139063" }, { "db": "NVD", "id": "CVE-2014-8730" }, { "db": "CNNVD", "id": "CNNVD-201412-189" } ] }, "id": "VAR-201412-0271", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-76675" } ], "trust": 0.51413815875 }, "last_update_date": "2023-12-18T10:53:27.101000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "CVE-2014-8730 Padding issue", "trust": 0.8, "url": "https://devcentral.f5.com/articles/cve-2014-8730-padding-issue-8151" }, { "title": "sol15882: TLS1.x padding vulnerability CVE-2014-8730", "trust": 0.8, "url": "https://support.f5.com/kb/en-us/solutions/public/15000/800/sol15882.html" }, { "title": "Interstage\u3084Systemwalker\u95a2\u9023\u88fd\u54c1\uff1aTLS1.0\u5b9f\u88c5\u306b\u304a\u3051\u308b\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u8106\u5f31\u6027\u306e\u554f\u984c", "trust": 0.8, "url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_systemwalker_tls_201501.html" }, { "title": "Patch for TLS fills man-in-the-middle attack vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchinfo/show/52704" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2014-08824" }, { "db": "JVNDB", "id": "JVNDB-2014-005869" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-310", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-76675" }, { "db": "JVNDB", "id": "JVNDB-2014-005869" }, { "db": "NVD", "id": "CVE-2014-8730" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.6, "url": "https://support.f5.com/kb/en-us/solutions/public/15000/800/sol15882.html" }, { "trust": 2.6, "url": "https://www.imperialviolet.org/2014/12/08/poodleagain.html" }, { "trust": 2.0, "url": "https://devcentral.f5.com/articles/cve-2014-8730-padding-issue-8151" }, { "trust": 1.7, "url": "http://www.openwall.com/lists/oss-security/2014/12/09/27" }, { "trust": 1.4, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-8730" }, { "trust": 1.1, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693271" }, { "trust": 1.1, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693337" }, { "trust": 1.1, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693495" }, { "trust": 1.1, "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04819635" }, { "trust": 1.1, "url": "https://support.lenovo.com/product_security/poodle" }, { "trust": 1.1, "url": "https://support.lenovo.com/us/en/product_security/poodle" }, { "trust": 1.1, "url": "http://secunia.com/advisories/62167" }, { "trust": 1.1, "url": "http://secunia.com/advisories/62224" }, { "trust": 1.1, "url": "http://secunia.com/advisories/62388" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=144372772101168\u0026w=2" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8730" }, { "trust": 0.3, "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=\u0026solutionid=sk103683" }, { "trust": 0.3, "url": "http://www.fortiguard.com/advisory/cve-2014-8730--poodle-for-tls--vulnerability/" }, { "trust": 0.3, "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=36740" }, { "trust": 0.3, "url": "http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2014-8730" }, { "trust": 0.3, "url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=tsb16579" }, { "trust": 0.3, "url": "https://securityadvisories.paloaltonetworks.com/home/detail/28?aspxautodetectcookiesupport=1" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21695127" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21698837" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685985" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21699160" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1021903" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693877" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693142" }, { "trust": 0.3, "url": "https://www-01.ibm.com/support/docview.wss?uid=swg21692502" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960375" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693290" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693623" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21700209" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21692934" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693285" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21692618" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21692802" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693330" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21698986" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21961009" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-8730" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=144372772101168\u0026amp;w=2" }, { "trust": 0.1, "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/" }, { "trust": 0.1, "url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins" }, { "trust": 0.1, "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/" }, { "trust": 0.1, "url": "http://www.hpe.com/support/security_bulletin_archive" }, { "trust": 0.1, "url": "https://www.hpe.com/info/report-security-vulnerability" }, { "trust": 0.1, "url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04819635" }, { "trust": 0.1, "url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c01345499" }, { "trust": 0.1, "url": "http://www.hpe.com/support/subscriber_choice" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3566" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2014-08824" }, { "db": "VULHUB", "id": "VHN-76675" }, { "db": "BID", "id": "71549" }, { "db": "JVNDB", "id": "JVNDB-2014-005869" }, { "db": "PACKETSTORM", "id": "133815" }, { "db": "PACKETSTORM", "id": "139063" }, { "db": "NVD", "id": "CVE-2014-8730" }, { "db": "CNNVD", "id": "CNNVD-201412-189" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2014-08824" }, { "db": "VULHUB", "id": "VHN-76675" }, { "db": "BID", "id": "71549" }, { "db": "JVNDB", "id": "JVNDB-2014-005869" }, { "db": "PACKETSTORM", "id": "133815" }, { "db": "PACKETSTORM", "id": "139063" }, { "db": "NVD", "id": "CVE-2014-8730" }, { "db": "CNNVD", "id": "CNNVD-201412-189" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2014-12-11T00:00:00", "db": "CNVD", "id": "CNVD-2014-08824" }, { "date": "2014-12-10T00:00:00", "db": "VULHUB", "id": "VHN-76675" }, { "date": "2014-12-08T00:00:00", "db": "BID", "id": "71549" }, { "date": "2014-12-11T00:00:00", "db": "JVNDB", "id": "JVNDB-2014-005869" }, { "date": "2015-10-02T23:43:22", "db": "PACKETSTORM", "id": "133815" }, { "date": "2016-10-12T04:50:49", "db": "PACKETSTORM", "id": "139063" }, { "date": "2014-12-10T00:59:01.293000", "db": "NVD", "id": "CVE-2014-8730" }, { "date": "2014-12-10T00:00:00", "db": "CNNVD", "id": "CNNVD-201412-189" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-02-21T00:00:00", "db": "CNVD", "id": "CNVD-2014-08824" }, { "date": "2017-01-03T00:00:00", "db": "VULHUB", "id": "VHN-76675" }, { "date": "2016-10-26T11:05:00", "db": "BID", "id": "71549" }, { "date": "2015-03-03T00:00:00", "db": "JVNDB", "id": "JVNDB-2014-005869" }, { "date": "2017-01-03T02:59:21.893000", "db": "NVD", "id": "CVE-2014-8730" }, { "date": "2014-12-10T00:00:00", "db": "CNNVD", "id": "CNNVD-201412-189" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201412-189" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural F5 Product SSL Vulnerability in obtaining clear text data in profile component", "sources": [ { "db": "JVNDB", "id": "JVNDB-2014-005869" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "encryption problem", "sources": [ { "db": "CNNVD", "id": "CNNVD-201412-189" } ], "trust": 0.6 } }
var-200912-0598
Vulnerability from variot
The SSL implementation in multiple Fujitsu products is prone to a buffer-overflow vulnerability, a security-bypass vulnerability, and a denial-of-service vulnerability. Attackers can exploit these issues to execute arbitrary code, to compromise encrypted communications, and to exhaust available file descriptors. Other attacks may also be possible.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-200912-0598", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "systemwalker centric manager standard edition", "scope": "eq", "trust": 0.9, "vendor": "fujitsu", "version": "13.1" }, { "model": "systemwalker centric manager enterprise edition", "scope": "eq", "trust": 0.9, "vendor": "fujitsu", "version": "13.1" }, { "model": "systemwalker centric manager global enterprise edition", "scope": "eq", "trust": 0.6, "vendor": "fujitsu", "version": "13.1" }, { "model": "trademaster workstation for windowsnt 3.0l10", "scope": null, "trust": 0.3, "vendor": "fujitsu", "version": null }, { "model": "trademaster standard edition 3.0l10", "scope": null, "trust": 0.3, "vendor": "fujitsu", "version": null }, { "model": "trademaster for windowsnt 2.0l10", "scope": null, "trust": 0.3, "vendor": "fujitsu", "version": null }, { "model": "trademaster enterprise edition 3.0l10", "scope": null, "trust": 0.3, "vendor": "fujitsu", "version": null }, { "model": "trademaster base edition 3.0l10", "scope": null, "trust": 0.3, "vendor": "fujitsu", "version": null }, { "model": "trademaster 2.0l10", "scope": null, "trust": 0.3, "vendor": "fujitsu", "version": null }, { "model": "systemwalker/it budgetmgr 10.0l20", "scope": null, "trust": 0.3, "vendor": "fujitsu", "version": null }, { "model": "systemwalker/infodirectory l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "10.0" }, { "model": "systemwalker/infodirectory", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "10.0" }, { "model": "systemwalker/centricmgr-a se l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "10.0" }, { "model": "systemwalker software delivery standard edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "13.2" }, { "model": "systemwalker software delivery standard edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "13.1" }, { "model": "systemwalker software delivery standard edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "13.0" }, { "model": "systemwalker software delivery standard edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "12.1" }, { "model": "systemwalker software delivery standard edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "12.0" }, { "model": "systemwalker software delivery standard edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "12.0" }, { "model": "systemwalker software delivery standard edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "11.0" }, { "model": "systemwalker software delivery standard edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "11.0" }, { "model": "systemwalker software delivery se 10.0l20", "scope": null, "trust": 0.3, "vendor": "fujitsu", "version": null }, { "model": "systemwalker software delivery enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "13.2" }, { "model": "systemwalker software delivery enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "13.1" }, { "model": "systemwalker software delivery enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "13.0" }, { "model": "systemwalker software delivery enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "12.1" }, { "model": "systemwalker software delivery enterprise edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "12.0" }, { "model": "systemwalker software delivery enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "12.0" }, { "model": "systemwalker software delivery enterprise edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "11.0" }, { "model": "systemwalker software delivery enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "11.0" }, { "model": "systemwalker it budget manager", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "11.0" }, { "model": "systemwalker formcoordinator 10.0l30", "scope": null, "trust": 0.3, "vendor": "fujitsu", "version": null }, { "model": "systemwalker desktop patrol", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "13.0" }, { "model": "systemwalker desktop patrol l10a", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "12.0" }, { "model": "systemwalker desktop patrol l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "12.0" }, { "model": "systemwalker desktop patrol l10e", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "11.0" }, { "model": "systemwalker desktop patrol l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "11.0" }, { "model": "systemwalker desktop patrol l30", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "10.0" }, { "model": "systemwalker desktop patrol l20", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "10.0" }, { "model": "systemwalker desktop inspection standard edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "13.0" }, { "model": "systemwalker desktop inspection base edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "13.0" }, { "model": "systemwalker desktop inspection l10a", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "12.0" }, { "model": "systemwalker desktop inspection l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "12.0" }, { "model": "systemwalker centricmgr-a ee 10.0l20", "scope": null, "trust": 0.3, "vendor": "fujitsu", "version": null }, { "model": "systemwalker centric manager standard edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "13.2" }, { "model": "systemwalker centric manager standard edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "13.0" }, { "model": "systemwalker centric manager standard edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "12.1" }, { "model": "systemwalker centric manager standard edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "12.0" }, { "model": "systemwalker centric manager standard edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "12.0" }, { "model": "systemwalker centric manager standard edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "11.0" }, { "model": "systemwalker centric manager standard edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "11.0" }, { "model": "systemwalker centric manager global enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "13.2" }, { "model": "systemwalker centric manager global enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "13.0" }, { "model": "systemwalker centric manager global enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "12.1" }, { "model": "systemwalker centric manager global enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "12.0" }, { "model": "systemwalker centric manager global enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "11.0" }, { "model": "systemwalker centric manager enterprise edition(linux for itaniu", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "13.1" }, { "model": "systemwalker centric manager enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "13.2" }, { "model": "systemwalker centric manager enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "13.0" }, { "model": "systemwalker centric manager enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "12.1" }, { "model": "systemwalker centric manager enterprise edition l10e", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "12.0" }, { "model": "systemwalker centric manager enterprise edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "12.0" }, { "model": "systemwalker centric manager enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "12.0" }, { "model": "systemwalker centric manager enterprise edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "11.0" }, { "model": "systemwalker centric manager enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "11.0" }, { "model": "symfoware universal data interchanger", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "0.1.2" }, { "model": "symfoware universal data interchanger", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "0.1.1" }, { "model": "symfoware universal data interchanger l20a", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "1.0" }, { "model": "symfoware universal data interchanger l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "1.0" }, { "model": "safegate client l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "3.0" }, { "model": "safegate client l21", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "2.0" }, { "model": "safegate client l20", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "2.0" }, { "model": "safegate l20a", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "20" }, { "model": "safegate l20", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "20" }, { "model": "safegate l22", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "2.0" }, { "model": "safegate l21", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "2.0" }, { "model": "safegate l20", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "2.0" }, { "model": "safeauthor l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "3.6" }, { "model": "safeauthor l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "3.5" }, { "model": "safeauthor l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "3.4" }, { "model": "safeauthor", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "3.4" }, { "model": "safeauthor l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "3.3" }, { "model": "safeauthor", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "3.3" }, { "model": "safeauthor l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "3.2" }, { "model": "safeauthor", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "3.1" }, { "model": "safeauthor", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "3.0" }, { "model": "linkexpress enterprise edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "linkexpress advanced edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "4.0.2" }, { "model": "linkexpress advanced edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "4.0.1" }, { "model": "linkexpress advanced edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "3.0.1" }, { "model": "linkexpress advanced edition l21", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "4.0" }, { "model": "linkexpress advanced edition l20", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "4.0" }, { "model": "linkexpress advanced edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "4.0" }, { "model": "linkexpress advanced edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "4.0" }, { "model": "linkexpress advanced edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "3.2" }, { "model": "linkexpress advanced edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "3.1" }, { "model": "linkexpress advanced edition l20", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "3.0" }, { "model": "linkexpress advanced edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "3.0" }, { "model": "linkexpress advanced edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "3.0" }, { "model": "linkexpress advanced edition l20", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "2.1" }, { "model": "linkexpress advanced edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "2.0" }, { "model": "interstage traffic director standard edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0.1" }, { "model": "interstage traffic director standard edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0" }, { "model": "interstage traffic director standard edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0" }, { "model": "interstage traffic director standard edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage traffic director standard edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage traffic director standard edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.1" }, { "model": "interstage traffic director standard edition l20", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage traffic director standard edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage traffic director standard edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage traffic director standard edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "4.1" }, { "model": "interstage traffic director standard edition l20", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "4.0" }, { "model": "interstage traffic director standard edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "4.0" }, { "model": "interstage traffic director standard edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "4.0" }, { "model": "interstage traffic director enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0.1" }, { "model": "interstage traffic director enterprise edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0" }, { "model": "interstage traffic director enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0" }, { "model": "interstage traffic director enterprise edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage traffic director enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage traffic director enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.1" }, { "model": "interstage traffic director enterprise edition l20", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage traffic director enterprise edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage traffic director enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage traffic director enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "4.1" }, { "model": "interstage traffic director enterprise edition l20", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "4.0" }, { "model": "interstage traffic director enterprise edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "4.0" }, { "model": "interstage traffic director l20", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "3.0" }, { "model": "interstage traffic director l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "3.0" }, { "model": "interstage standard edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "2.1.1" }, { "model": "interstage standard edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "2.1" }, { "model": "interstage standard edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "2.0" }, { "model": "interstage standard edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "0" }, { "model": "interstage security director", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0.1" }, { "model": "interstage security director l10a", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage security director l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage security director", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage security director", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.1" }, { "model": "interstage security director l20", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage security director l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage security director", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage security director", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "4.1" }, { "model": "interstage security director l20", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "4.0" }, { "model": "interstage security director l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "4.0" }, { "model": "interstage security director", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "4.0" }, { "model": "interstage security director", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "3.1" }, { "model": "interstage security director l20", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "3.0" }, { "model": "interstage security director l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "3.0" }, { "model": "interstage security director", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "3.0" }, { "model": "interstage formcoordinator l20", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "4.0" }, { "model": "interstage form coordinator l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0" }, { "model": "interstage form coordinator l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "2.1.1" }, { "model": "interstage enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "2.1" }, { "model": "interstage enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "2.0" }, { "model": "interstage enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "0" }, { "model": "interstage business application manager standard edition for .ne l21", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "1.0" }, { "model": "interstage business application manager standard edition for .ne l20", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "1.0" }, { "model": "interstage business application manager standard edition for .ne l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "1.0" }, { "model": "interstage business application manager developer edition for .n", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "2.0" }, { "model": "interstage business application manager developer edition for .n l20", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "1.0" }, { "model": "interstage business application manager developer edition for .n l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "1.0" }, { "model": "interstage apworks standard edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0" }, { "model": "interstage apworks standard edition l10a", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage apworks standard edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage apworks modelers-j edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0" }, { "model": "interstage apworks modelers-j edition l10a", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage apworks modelers-j edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage apworks enterprise edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0" }, { "model": "interstage apworks enterprise edition l10b", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage apworks enterprise edition l10a", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage apworks enterprise edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage application server web-j edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "8.0.3" }, { "model": "interstage application server web-j edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "8.0.1" }, { "model": "interstage application server web-j edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "8.0" }, { "model": "interstage application server web-j edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0.1" }, { "model": "interstage application server web-j edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0.2" }, { "model": "interstage application server web-j edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0.1" }, { "model": "interstage application server web-j edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.1.1" }, { "model": "interstage application server web-j edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0.1" }, { "model": "interstage application server web-j edition l11", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0" }, { "model": "interstage application server web-j edition l10a", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0" }, { "model": "interstage application server web-j edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0" }, { "model": "interstage application server web-j edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0" }, { "model": "interstage application server web-j edition l11", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage application server web-j edition l10c", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage application server web-j edition l10b", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage application server web-j edition l10a", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage application server web-j edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage application server web-j edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage application server web-j edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.1" }, { "model": "interstage application server web-j edition l20a", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage application server web-j edition l20", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage application server web-j edition l11", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage application server web-j edition l10b", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage application server web-j edition l10a", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage application server web-j edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage application server web-j edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage application server web-j edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "4.1" }, { "model": "interstage application server web-j edition l20", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "4.0" }, { "model": "interstage application server web-j edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "4.0" }, { "model": "interstage application server web-j edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "4.0" }, { "model": "interstage application server web-j edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "3.1" }, { "model": "interstage application server web-j edition l20", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "3.0" }, { "model": "interstage application server web edition l20", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "3.0" }, { "model": "interstage application server web edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "3.0" }, { "model": "interstage application server standard-j edition b", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "9.0.1" }, { "model": "interstage application server standard-j edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "9.0.1" }, { "model": "interstage application server standard-j edition b", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "9.0" }, { "model": "interstage application server standard-j edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "9.0" }, { "model": "interstage application server standard-j edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "8.0.3" }, { "model": "interstage application server standard-j edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "8.0.1" }, { "model": "interstage application server standard-j edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "8.0" }, { "model": "interstage application server standard edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0.1" }, { "model": "interstage application server standard edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0.2" }, { "model": "interstage application server standard edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0.1" }, { "model": "interstage application server standard edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.1.1" }, { "model": "interstage application server standard edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0.1" }, { "model": "interstage application server standard edition l11", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0" }, { "model": "interstage application server standard edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0" }, { "model": "interstage application server standard edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0" }, { "model": "interstage application server standard edition l10c", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage application server standard edition l10b", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage application server standard edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage application server standard edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage application server standard edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.1" }, { "model": "interstage application server standard edition l20a", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage application server standard edition l20", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage application server standard edition l11", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage application server standard edition l10b", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage application server standard edition l10a", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage application server standard edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage application server standard edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage application server standard edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "4.1" }, { "model": "interstage application server standard edition l20", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "4.0" }, { "model": "interstage application server standard edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "4.0" }, { "model": "interstage application server standard edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "4.0" }, { "model": "interstage application server standard edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "3.1" }, { "model": "interstage application server standard edition l20", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "3.0" }, { "model": "interstage application server standard edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "3.0" }, { "model": "interstage application server standard edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "3.0" }, { "model": "interstage application server plus developer global", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0.1" }, { "model": "interstage application server plus developer global", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0" }, { "model": "interstage application server plus developer global", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage application server plus developer l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0" }, { "model": "interstage application server plus developer l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage application server plus developer l20", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage application server plus", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0.1" }, { "model": "interstage application server plus", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0.2" }, { "model": "interstage application server plus", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0.1" }, { "model": "interstage application server plus", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.1.1" }, { "model": "interstage application server plus l11", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0" }, { "model": "interstage application server plus l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0" }, { "model": "interstage application server plus", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0" }, { "model": "interstage application server plus l11", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage application server plus l10c", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage application server plus l10b", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage application server plus l10a", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage application server plus l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage application server plus", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage application server plus", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.1" }, { "model": "interstage application server plus l20a", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage application server plus l20", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage application server enterprise edition b", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "9.0.1" }, { "model": "interstage application server enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "9.0.1" }, { "model": "interstage application server enterprise edition b", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "9.0" }, { "model": "interstage application server enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "9.0" }, { "model": "interstage application server enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "8.0.3" }, { "model": "interstage application server enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "8.0.1" }, { "model": "interstage application server enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "8.0" }, { "model": "interstage application server enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0.1" }, { "model": "interstage application server enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0.2" }, { "model": "interstage application server enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0.1" }, { "model": "interstage application server enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.1.1" }, { "model": "interstage application server enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0.1" }, { "model": "interstage application server enterprise edition l11", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0" }, { "model": "interstage application server enterprise edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0" }, { "model": "interstage application server enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0" }, { "model": "interstage application server enterprise edition l10c", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage application server enterprise edition l10b", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage application server enterprise edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage application server enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage application server enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.1" }, { "model": "interstage application server enterprise edition l20a", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage application server enterprise edition l20", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage application server enterprise edition l11", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage application server enterprise edition l10b", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage application server enterprise edition l10a", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage application server enterprise edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage application server enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage application server enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "4.1" }, { "model": "interstage application server enterprise edition l20", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "4.0" }, { "model": "interstage application server enterprise edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "4.0" }, { "model": "interstage application server enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "4.0" }, { "model": "interstage application server enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "3.1" }, { "model": "interstage application server enterprise edition l20", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "3.0" }, { "model": "interstage application server enterprise edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "3.0" }, { "model": "interstage application server enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "3.0" }, { "model": "interstage application framework suite web edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0.2" }, { "model": "interstage application framework suite web edition l11", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0" }, { "model": "interstage application framework suite web edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0" }, { "model": "interstage application framework suite web edition l10c", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage application framework suite web edition l10b", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage application framework suite web edition l10a", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage application framework suite web edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage application framework suite standard edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0.2" }, { "model": "interstage application framework suite standard edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0.2" }, { "model": "interstage application framework suite standard edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0.1" }, { "model": "interstage application framework suite standard edition l11", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0" }, { "model": "interstage application framework suite standard edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0" }, { "model": "interstage application framework suite standard edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0" }, { "model": "interstage application framework suite standard edition l10c", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage application framework suite standard edition l10b", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage application framework suite standard edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage application framework suite standard edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage application framework suite enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0.1" }, { "model": "interstage application framework suite enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0.2" }, { "model": "interstage application framework suite enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0.1" }, { "model": "interstage application framework suite enterprise edition l10c", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage application framework suite enterprise edition l10b", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage application framework suite enterprise edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage application framework suite enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage apcoordinator enterprise edition 5.0l10", "scope": null, "trust": 0.3, "vendor": "fujitsu", "version": null }, { "model": "interstage apcoordinator enterprise edition l20", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "1.1" }, { "model": "interstage l20a", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "1.0" }, { "model": "interstage l20", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "1.0" }, { "model": "infoproxy for middleware", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "1.0.1" }, { "model": "infoproxy for middleware", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "1011" }, { "model": "infoproxy for middleware", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "1010" }, { "model": "infoproxy for middleware", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "1.0" }, { "model": "infoproxy", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "3.2" }, { "model": "infoproxy", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "3.1" }, { "model": "infoproxy l20", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "3.0" }, { "model": "infoproxy l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "3.0" }, { "model": "infoproxy", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "3.0" }, { "model": "infoprovider pro l21", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "2.0" }, { "model": "infoprovider pro l20", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "2.0" }, { "model": "infodirectory", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "1.0.9" }, { "model": "infodirectory", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "1.0.8" }, { "model": "infodirectory", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "1.0.2" }, { "model": "infodirectory", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "1.0.1" }, { "model": "infodirectory l20", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "1.0" }, { "model": "infodirectory l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "1.0" }, { "model": "infodirectory", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "1.0" } ], "sources": [ { "db": "BID", "id": "37491" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Fujitsu", "sources": [ { "db": "BID", "id": "37491" } ], "trust": 0.3 }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "The SSL implementation in multiple Fujitsu products is prone to a buffer-overflow vulnerability, a security-bypass vulnerability, and a denial-of-service vulnerability.\nAttackers can exploit these issues to execute arbitrary code, to compromise encrypted communications, and to exhaust available file descriptors. Other attacks may also be possible.", "sources": [ { "db": "BID", "id": "37491" } ], "trust": 0.3 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "BID", "id": "37491", "trust": 0.3 } ], "sources": [ { "db": "BID", "id": "37491" } ] }, "id": "VAR-200912-0598", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.1592992933333333 }, "last_update_date": "2022-05-17T01:51:51.495000Z", "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 0.3, "url": "http://www.fujitsu.com/" }, { "trust": 0.3, "url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_systemwalker_ssl_200901.html" } ], "sources": [ { "db": "BID", "id": "37491" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "BID", "id": "37491" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2009-12-28T00:00:00", "db": "BID", "id": "37491" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2009-12-29T22:53:00", "db": "BID", "id": "37491" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "network", "sources": [ { "db": "BID", "id": "37491" } ], "trust": 0.3 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Multiple Fujitsu Products SSL Implementation Multiple Remote Vulnerabilities", "sources": [ { "db": "BID", "id": "37491" } ], "trust": 0.3 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Unknown", "sources": [ { "db": "BID", "id": "37491" } ], "trust": 0.3 } }
var-201312-0318
Vulnerability from variot
Buffer overflow in the Interstage HTTP Server log functionality, as used in Fujitsu Interstage Application Server 9.0.0, 9.1.0, 9.2.0, 9.3.1, and 10.0.0; and Interstage Studio 9.0.0, 9.1.0, 9.2.0, and 10.0.0, has unspecified impact and attack vectors related to "ihsrlog/rotatelogs.". An attacker could execute arbitrary code. Fujitsu Interstage is a modular software component for enterprise business operations management. Multiple Fujitsu Interstage Products are prone to an unspecified buffer-overflow vulnerability because it fails to properly bounds check data. Failed attempts will likely cause a denial-of-service condition
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201312-0318", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "interstage studio", "scope": "eq", "trust": 1.6, "vendor": "fujitsu", "version": "10.0.0" }, { "model": "interstage application server", "scope": "eq", "trust": 1.6, "vendor": "fujitsu", "version": "10.0.0" }, { "model": "interstage application server", "scope": "eq", "trust": 1.6, "vendor": "fujitsu", "version": "9.3.1" }, { "model": "interstage studio", "scope": "eq", "trust": 1.6, "vendor": "fujitsu", "version": "9.1.0" }, { "model": "interstage application server", "scope": "eq", "trust": 1.6, "vendor": "fujitsu", "version": "9.1.0" }, { "model": "interstage studio", "scope": "eq", "trust": 1.6, "vendor": "fujitsu", "version": "9.2.0" }, { "model": "interstage application server", "scope": "eq", "trust": 1.6, "vendor": "fujitsu", "version": "9.2.0" }, { "model": "interstage studio", "scope": "eq", "trust": 1.6, "vendor": "fujitsu", "version": "9.0.0" }, { "model": "interstage application server", "scope": "eq", "trust": 1.6, "vendor": "fujitsu", "version": "9.0.0" }, { "model": "interstage application server", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage studio", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage web server", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage", "scope": "eq", "trust": 0.6, "vendor": "fujitsu", "version": "9.x" }, { "model": "interstage studio standard-j edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "9.2" }, { "model": "interstage studio standard-j edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "9.1" }, { "model": "interstage studio standard-j edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "9.0" }, { "model": "interstage studio standard-j edition b", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "9.1.0" }, { "model": "interstage application server enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "9.2" }, { "model": "interstage application server enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "9.1" }, { "model": "interstage application server enterprise edition a", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "9.0" }, { "model": "interstage application server enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "9.0" }, { "model": "interstage application server enterprise edition 9.1.0a", "scope": null, "trust": 0.3, "vendor": "fujitsu", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "interstage application server", "version": "9.0.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "interstage application server", "version": "9.1.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "interstage application server", "version": "9.2.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "interstage application server", "version": "9.3.1" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "interstage application server", "version": "10.0.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "interstage studio", "version": "9.0.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "interstage studio", "version": "9.1.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "interstage studio", "version": "9.2.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "interstage studio", "version": "10.0.0" } ], "sources": [ { "db": "IVD", "id": "671342aa-1efb-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-14750" }, { "db": "BID", "id": "63929" }, { "db": "JVNDB", "id": "JVNDB-2013-005262" }, { "db": "NVD", "id": "CVE-2013-7105" }, { "db": "CNNVD", "id": "CNNVD-201312-260" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:fujitsu:interstage_application_server:9.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:fujitsu:interstage_studio:9.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:fujitsu:interstage_studio:10.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:fujitsu:interstage_application_server:9.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:fujitsu:interstage_application_server:9.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:fujitsu:interstage_application_server:9.3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:fujitsu:interstage_application_server:10.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:fujitsu:interstage_studio:9.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:fujitsu:interstage_studio:9.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2013-7105" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "The vendor reported this issue.", "sources": [ { "db": "BID", "id": "63929" } ], "trust": 0.3 }, "cve": "CVE-2013-7105", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 10.0, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Network", "authentication": "None", "author": "IPA", "availabilityImpact": "Complete", "baseScore": 10.0, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "JVNDB-2013-005262", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "CNVD-2013-14750", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "671342aa-1efb-11e6-abef-000c29c66e3d", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "HIGH", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.9 [IVD]" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2013-7105", "trust": 1.0, "value": "HIGH" }, { "author": "IPA", "id": "JVNDB-2013-005262", "trust": 0.8, "value": "High" }, { "author": "CNVD", "id": "CNVD-2013-14750", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201312-260", "trust": 0.6, "value": "CRITICAL" }, { "author": "IVD", "id": "671342aa-1efb-11e6-abef-000c29c66e3d", "trust": 0.2, "value": "CRITICAL" } ] } ], "sources": [ { "db": "IVD", "id": "671342aa-1efb-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-14750" }, { "db": "JVNDB", "id": "JVNDB-2013-005262" }, { "db": "NVD", "id": "CVE-2013-7105" }, { "db": "CNNVD", "id": "CNNVD-201312-260" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Buffer overflow in the Interstage HTTP Server log functionality, as used in Fujitsu Interstage Application Server 9.0.0, 9.1.0, 9.2.0, 9.3.1, and 10.0.0; and Interstage Studio 9.0.0, 9.1.0, 9.2.0, and 10.0.0, has unspecified impact and attack vectors related to \"ihsrlog/rotatelogs.\". An attacker could execute arbitrary code. Fujitsu Interstage is a modular software component for enterprise business operations management. Multiple Fujitsu Interstage Products are prone to an unspecified buffer-overflow vulnerability because it fails to properly bounds check data. Failed attempts will likely cause a denial-of-service condition", "sources": [ { "db": "NVD", "id": "CVE-2013-7105" }, { "db": "JVNDB", "id": "JVNDB-2013-005262" }, { "db": "CNVD", "id": "CNVD-2013-14750" }, { "db": "BID", "id": "63929" }, { "db": "IVD", "id": "671342aa-1efb-11e6-abef-000c29c66e3d" } ], "trust": 2.61 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2013-7105", "trust": 2.9 }, { "db": "BID", "id": "63929", "trust": 1.9 }, { "db": "SECTRACK", "id": "1029398", "trust": 1.6 }, { "db": "CNVD", "id": "CNVD-2013-14750", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201312-260", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2013-005262", "trust": 0.8 }, { "db": "IVD", "id": "671342AA-1EFB-11E6-ABEF-000C29C66E3D", "trust": 0.2 } ], "sources": [ { "db": "IVD", "id": "671342aa-1efb-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-14750" }, { "db": "BID", "id": "63929" }, { "db": "JVNDB", "id": "JVNDB-2013-005262" }, { "db": "NVD", "id": "CVE-2013-7105" }, { "db": "CNNVD", "id": "CNNVD-201312-260" } ] }, "id": "VAR-201312-0318", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "671342aa-1efb-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-14750" } ], "trust": 0.9875 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.8 } ], "sources": [ { "db": "IVD", "id": "671342aa-1efb-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-14750" } ] }, "last_update_date": "2023-12-18T13:34:43.584000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Interstage HTTP Server: Buffer Overflow Vulnerability in Log Feature.", "trust": 0.8, "url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-201302e.html" }, { "title": "Patch for multiple Fujitsu Interstage products HTTP Server Buffer Overflow Vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchinfo/show/41353" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2013-14750" }, { "db": "JVNDB", "id": "JVNDB-2013-005262" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-119", "trust": 1.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2013-005262" }, { "db": "NVD", "id": "CVE-2013-7105" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.9, "url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-201302e.html" }, { "trust": 1.6, "url": "http://www.securitytracker.com/id/1029398" }, { "trust": 1.0, "url": "http://www.securityfocus.com/bid/63929" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-7105" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-7105" }, { "trust": 0.6, "url": "http://www.securityfocus.com/bid/63929/" }, { "trust": 0.3, "url": "http://www.fujitsu.com/global/services/software/interstage/" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2013-14750" }, { "db": "BID", "id": "63929" }, { "db": "JVNDB", "id": "JVNDB-2013-005262" }, { "db": "NVD", "id": "CVE-2013-7105" }, { "db": "CNNVD", "id": "CNNVD-201312-260" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "671342aa-1efb-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-14750" }, { "db": "BID", "id": "63929" }, { "db": "JVNDB", "id": "JVNDB-2013-005262" }, { "db": "NVD", "id": "CVE-2013-7105" }, { "db": "CNNVD", "id": "CNNVD-201312-260" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2013-11-28T00:00:00", "db": "IVD", "id": "671342aa-1efb-11e6-abef-000c29c66e3d" }, { "date": "2013-11-28T00:00:00", "db": "CNVD", "id": "CNVD-2013-14750" }, { "date": "2013-11-26T00:00:00", "db": "BID", "id": "63929" }, { "date": "2013-11-28T00:00:00", "db": "JVNDB", "id": "JVNDB-2013-005262" }, { "date": "2013-12-14T20:55:03.720000", "db": "NVD", "id": "CVE-2013-7105" }, { "date": "2013-12-19T00:00:00", "db": "CNNVD", "id": "CNNVD-201312-260" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2013-11-28T00:00:00", "db": "CNVD", "id": "CNVD-2013-14750" }, { "date": "2015-03-19T09:23:00", "db": "BID", "id": "63929" }, { "date": "2013-12-18T00:00:00", "db": "JVNDB", "id": "JVNDB-2013-005262" }, { "date": "2013-12-20T04:39:00.007000", "db": "NVD", "id": "CVE-2013-7105" }, { "date": "2013-12-19T00:00:00", "db": "CNNVD", "id": "CNNVD-201312-260" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201312-260" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Buffer Overflow Vulnerability in the log function of Interstage HTTP Server", "sources": [ { "db": "JVNDB", "id": "JVNDB-2013-005262" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Buffer overflow", "sources": [ { "db": "IVD", "id": "671342aa-1efb-11e6-abef-000c29c66e3d" }, { "db": "CNNVD", "id": "CNNVD-201312-260" } ], "trust": 0.8 } }
jvndb-2009-002358
Vulnerability from jvndb
▼ | Type | URL |
---|---|---|
Buffer Errors(CWE-119) | https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html | |
Improper Authentication(CWE-287) | https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html | |
Resource Management Errors(CWE-399) | https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html |
{ "@rdf:about": "https://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-002358.html", "dc:date": "2009-12-28T11:19+09:00", "dcterms:issued": "2009-12-28T11:19+09:00", "dcterms:modified": "2009-12-28T11:19+09:00", "description": "Fujitsu Interstage and Systemwalker related products have the vulnerabilities listed below:\r\n- A buffer overflow vulnerability that can occur when the SSL server verifies the client\u0027s certificate.\r\n- A vulnerability that makes it possible to make an SSL connection using a server or client certificate issued by the old CA certificate after the CA certificate is renewed, regardless of the settings of the certificate environment variables.\r\n- A vulnerability where the depletion of resources, such as file descriptors, can occur on the SSL server.", "link": "https://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-002358.html", "sec:cpe": [ { "#text": "cpe:/a:fujitsu:infodirectory", "@product": "InfoDirectory", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:infoprovider_pro", "@product": "InfoProvider Pro", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:infoproxy", "@product": "InfoProxy", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:infoproxy_for_middleware", "@product": "InfoProxy for Middleware", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:interstage", "@product": "Interstage", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:interstage_apcoordinator", "@product": "Interstage Apcoordinator", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:interstage_application_framework_suite", "@product": "Interstage Application Framework Suite", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:interstage_application_server", "@product": "Interstage Application Server", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:interstage_apworks", "@product": "Interstage Apworks", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:interstage_business_application_manager", "@product": "Interstage Business Application Manager", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:interstage_form_coordinator_syomei_option", "@product": "Interstage Form Coordinator syomei option", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:interstage_security_director", "@product": "Interstage Security Director", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:interstage_traffic_director", "@product": "Interstage Traffic Director", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:linkexpress", "@product": "Linkexpress", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:safeauthor", "@product": "Safeauthor", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:safegate", "@product": "Safegate", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:safegate_client", "@product": "safegate Client", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:safegate_syutyu_kanri", "@product": "Safegate syutyu kanri", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:symfoware_universal_data_interchanger", "@product": "SymfoWARE Universal Data Interchanger", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:systemwalker_centricmgr-a", "@product": "Systemwalker CentricMGR-A", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:systemwalker_centric_manager", "@product": "Systemwalker Centric Manager", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:systemwalker_desktop_inspection", "@product": "Systemwalker Desktop Inspection", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:systemwalker_desktop_patrol", "@product": "Systemwalker Desktop Patrol", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:systemwalker_formcoordinator_syomei_option", "@product": "Systemwalker Formcoordinator syomei option", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:systemwalker_infodirectory", "@product": "SystemWalker/InfoDirectory", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:systemwalker_it_budgetmgr", "@product": "SystemWalker IT BudgetMGR", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:systemwalker_it_budget_manager", "@product": "Systemwalker IT Budget Manager", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:systemwalker_software_delivery", "@product": "Systemwalker Software Delivery", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:trademaster", "@product": "TRADEMASTER", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:trmaster", "@product": "TRMASTER", "@vendor": "FUJITSU", "@version": "2.2" } ], "sec:cvss": { "@score": "5.0", "@severity": "Medium", "@type": "Base", "@vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "@version": "2.0" }, "sec:identifier": "JVNDB-2009-002358", "sec:references": [ { "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html", "@id": "CWE-119", "@title": "Buffer Errors(CWE-119)" }, { "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html", "@id": "CWE-287", "@title": "Improper Authentication(CWE-287)" }, { "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html", "@id": "CWE-399", "@title": "Resource Management Errors(CWE-399)" } ], "title": "Fujitsu Interstage and Systemwalker SSL Vulnerabilities" }
jvndb-2014-000045
Vulnerability from jvndb
{ "@rdf:about": "https://jvndb.jvn.jp/en/contents/2014/JVNDB-2014-000045.html", "dc:date": "2015-05-08T18:01+09:00", "dcterms:issued": "2014-04-25T15:37+09:00", "dcterms:modified": "2015-05-08T18:01+09:00", "description": "Apache Struts provided by the Apache Software Foundation is a software framework for creating Java web applications. Apache Struts contains a vulnerability where the ClassLoader may be manipulated.\r\n\r\nNTT-CERT reported this vulnerability to IPA.\r\n JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.", "link": "https://jvndb.jvn.jp/en/contents/2014/JVNDB-2014-000045.html", "sec:cpe": [ { "#text": "cpe:/a:apache:struts", "@product": "Apache Struts", "@vendor": "Apache Software Foundation", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:cloud_infrastructure_management_software", "@product": "Cloud Infrastructure Management Software", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:integrated_system_ha_database_ready", "@product": "FUJITSU Integrated System HA Database Ready", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:interstage", "@product": "Interstage", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:interstage_application_development_cycle_manager", "@product": "Interstage Application Development Cycle Manager", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:interstage_application_framework_suite", "@product": "Interstage Application Framework Suite", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:interstage_application_server", "@product": "Interstage Application Server", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:interstage_apworks", "@product": "Interstage Apworks", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:interstage_business_application_server", "@product": "Interstage Business Application Server", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:interstage_interaction_manager", "@product": "Interstage Interaction Manager", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:interstage_job_workload_server", "@product": "Interstage Job Workload Server", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:interstage_service_integrator", "@product": "Interstage Service Integrator", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:interstage_studio", "@product": "Interstage Studio", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:serverview", "@product": "ServerView", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:symfoware", "@product": "Symfoware", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:systemwalker_service_catalog_manager", "@product": "Systemwalker Service Catalog Manager", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:systemwalker_service_quality_coordinator", "@product": "Systemwalker Service Quality Coordinator", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:systemwalker_software_configuration_manager", "@product": "Systemwalker Software Configuration Manager", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/a:fujitsu:triole", "@product": "TRIOLE", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/o:misc:miraclelinux_asianux_server", "@product": "Asianux Server", "@vendor": "Cybertrust Japan Co., Ltd.", "@version": "2.2" } ], "sec:cvss": { "@score": "7.5", "@severity": "High", "@type": "Base", "@vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "@version": "2.0" }, "sec:identifier": "JVNDB-2014-000045", "sec:references": [ { "#text": "http://jvn.jp/en/jp/JVN19294237/index.html", "@id": "JVN#19294237", "@source": "JVN" }, { "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0094", "@id": "CVE-2014-0094", "@source": "CVE" }, { "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0112", "@id": "CVE-2014-0112", "@source": "CVE" }, { "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0094", "@id": "CVE-2014-0094", "@source": "NVD" }, { "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0112", "@id": "CVE-2014-0112", "@source": "NVD" }, { "#text": "http://www.ipa.go.jp/security/ciadr/vul/20140417-struts.html", "@id": "[Updated] Security Alert for Vulnerability in the \"Apache Struts2\" (CVE-2014-0094)(S2-020)", "@source": "IPA SECURITY ALERTS" }, { "#text": "http://www.kb.cert.org/vuls/id/719225", "@id": "VU#719225", "@source": "CERT-VN" }, { "#text": "http://www.konakart.com/downloads/ver-7-3-0-0-whats-new/", "@id": "Ver 7.3.0.0 - What\u2019s New?", "@source": "Related document" }, { "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html", "@id": "CWE-DesignError", "@title": "No Mapping(CWE-DesignError)" } ], "title": "Apache Struts vulnerable to ClassLoader manipulation" }