Vulnerabilites related to FUJITSU - TRIOLE
var-201404-0286
Vulnerability from variot
ParametersInterceptor in Apache Struts before 2.3.20 does not properly restrict access to the getClass method, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via a crafted request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-0094. Apache Struts provided by the Apache Software Foundation is a software framework for creating Java web applications. Apache Struts contains a vulnerability where the ClassLoader may be manipulated. NTT-CERT reported this vulnerability to IPA. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Summary:
A minor version update (from 7.2 to 7.3) is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description:
This release of Red Hat Fuse 7.3 serves as a replacement for Red Hat Fuse 7.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
-
jackson-databind: A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525)
-
struts2: ClassLoader manipulation via request parameters (CVE-2014-0112)
-
jetty: HTTP request smuggling (CVE-2017-7657)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Solution:
Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.
Installation instructions are available from the Fuse 7.3.0 product documentation page: https://access.redhat.com/documentation/en-us/red_hat_fuse/7.3/
- Bugs fixed (https://bugzilla.redhat.com/):
1091939 - CVE-2014-0112 struts2: ClassLoader manipulation via request parameters 1462702 - CVE-2017-7525 jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper 1595620 - CVE-2017-7657 jetty: HTTP request smuggling
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
VMware Security Advisory
Advisory ID: VMSA-2014-0007 Synopsis: VMware product updates address security vulnerabilities in Apache Struts library Issue date: 2014-06-24 Updated on: 2014-06-24 (Initial Advisory) CVE number: CVE-2014-0050, CVE-2014-0094, CVE-2014-0112
-
Summary
VMware product updates address security vulnerabilities in Apache Struts library
-
Relevant releases
VMware vCenter Operations Management Suite prior to 5.8.2
-
Problem Description
a. The Apache Struts library is updated to version 2.3.16.2 to address multiple security issues.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2014-0050, CVE-2014-0094, and
CVE-2014-0112 to these issues.
CVE-2014-0112 may lead to remote code execution. This issue was
found to be only partially addressed in CVE-2014-0094.
CVE-2014-0050 may lead to a denial of service condition.
vCenter Operations Management Suite (vCOps) is affected by both
CVE-2014-0112 and CVE-2014-0050. Exploitation of CVE-2014-0112
may lead to remote code execution without authentication.
vCenter Orchestrator (vCO) is affected by CVE-2014-0050 and not
by CVE-2014-0112.
Workaround
A workaround for CVE-2014-0112 is documented in VMware Knowledge Base
article 2081470.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======= ======= =================
vCOPS 5.8.x any vCOPS 5.8.2
vCOPS 5.7.x any patch pending *
vCO 5.5 any patch pending
vCO 5.1 any patch pending
vCO 4.2 any patch pending
*Customers are advised to apply the workaround or update to vCOps
5.8.2.
- Solution
Please review the patch/release notes for your product and version and verify the checksum of your downloaded file.
vCenter Operations Management Suite 5.8.2
Downloads and Documentation: https://www.vmware.com/go/download-vcops
- References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0094 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0112
http://kb.vmware.com/kb/2081470
- Change log
2014-06-24 VMSA-2014-0007 Initial security advisory in conjunction with the release of vCenter Operations Management Suite 5.8.2 on 2014-06-24.
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
security-announce at lists.vmware.com
bugtraq at securityfocus.com
fulldisclosure at seclists.org
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Advisories http://www.vmware.com/security/advisories
VMware Security Response Policy https://www.vmware.com/support/policies/security_response.html
VMware Lifecycle Support Phases https://www.vmware.com/support/policies/lifecycle.html
Twitter https://twitter.com/VMwareSRC
Copyright 2014 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: Encryption Desktop 10.3.2 (Build 15337) Charset: utf-8
wj8DBQFTqi0BDEcm8Vbi9kMRAnCKAJ9otVO7DlXuMnSEGh2TLBzS5hniKgCeMnAM CZ5+DYZAydCjMwVgtKqoo7Y= =Vwu5 -----END PGP SIGNATURE-----
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201404-0286", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "struts", scope: "gte", trust: 1, vendor: "apache", version: "2.0.0", }, { model: "struts", scope: "lt", trust: 1, vendor: "apache", version: "2.3.16.2", }, { model: "struts", scope: "eq", trust: 0.8, vendor: "apache", version: "2.0.0 to 2.3.16.1", }, { model: "asianux server", scope: "eq", trust: 0.8, vendor: "cybertrust", version: "3 for x86(32bit)", }, { model: "asianux server", scope: "eq", trust: 0.8, vendor: "cybertrust", version: "3 for x86_64(64bit)", }, { model: "cloud infrastructure management software", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "integrated system ha database ready", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "interstage", scope: "eq", trust: 0.8, vendor: "fujitsu", version: "business analytics modeling server", }, { model: "interstage", scope: "eq", trust: 0.8, vendor: "fujitsu", version: "business process manager analytics", }, { model: "interstage", scope: "eq", trust: 0.8, vendor: "fujitsu", version: "extreme transaction processing server", }, { model: "interstage", scope: "eq", trust: 0.8, vendor: "fujitsu", version: "mobile manager", }, { model: "interstage application development cycle manager", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "interstage application framework suite", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "interstage application server", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "interstage apworks", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "interstage business application server", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "interstage interaction manager", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "interstage job workload server", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "interstage service integrator", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "interstage studio", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "serverview", scope: "eq", trust: 0.8, vendor: "fujitsu", version: "resource orchestrator", }, { model: "symfoware", scope: "eq", trust: 0.8, vendor: "fujitsu", version: "analytics server", }, { model: "symfoware", scope: "eq", trust: 0.8, vendor: "fujitsu", version: "server", }, { model: "systemwalker service catalog manager", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "systemwalker service quality coordinator", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "systemwalker software configuration manager", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "triole", scope: "eq", trust: 0.8, vendor: "fujitsu", version: "cloudmiddleset b set", }, { model: "struts", scope: "eq", trust: 0.6, vendor: "apache", version: "2.3.8", }, { model: "struts", scope: "eq", trust: 0.6, vendor: "apache", version: "2.3.7", }, { model: "struts", scope: "eq", trust: 0.6, vendor: "apache", version: "2.3.14.1", }, { model: "struts", scope: "eq", trust: 0.6, vendor: "apache", version: "2.3.14", }, { model: "struts", scope: "eq", trust: 0.6, vendor: "apache", version: "2.3.4.1", }, { model: "struts", scope: "eq", trust: 0.6, vendor: "apache", version: "2.3.14.3", }, { model: "struts", scope: "eq", trust: 0.6, vendor: "apache", version: "2.3.16.1", }, { model: "struts", scope: "eq", trust: 0.6, vendor: "apache", version: "2.3.15", }, { model: "struts", scope: "eq", trust: 0.6, vendor: "apache", version: "2.3.4", }, { model: "struts", scope: "eq", trust: 0.6, vendor: "apache", version: "2.3.14.2", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.2.3", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.2", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.1.8", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.1.6", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.1.5", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.1.2", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.1.1", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.1", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.14", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.12", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.11", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.10", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.9", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.8", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.7", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.6", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.5", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.4", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.3", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.2", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.1", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.3.1.2", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.3.1.1", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.2.3.1", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.1.4", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.1.3", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.13", }, ], sources: [ { db: "BID", id: "67064", }, { db: "JVNDB", id: "JVNDB-2014-000045", }, { db: "CNNVD", id: "CNNVD-201404-445", }, { db: "NVD", id: "CVE-2014-0112", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.16.2", versionStartIncluding: "2.0.0", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2014-0112", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Red Hat", sources: [ { db: "PACKETSTORM", id: "152687", }, { db: "CNNVD", id: "CNNVD-201404-445", }, ], trust: 0.7, }, cve: "CVE-2014-0112", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, impactScore: 6.4, integrityImpact: "PARTIAL", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "HIGH", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "None", author: "IPA", availabilityImpact: "Partial", baseScore: 7.5, confidentialityImpact: "Partial", exploitabilityScore: null, id: "JVNDB-2014-000045", impactScore: null, integrityImpact: "Partial", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULMON", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CVE-2014-0112", impactScore: 6.4, integrityImpact: "PARTIAL", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "HIGH", trust: 0.1, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [], severity: [ { author: "NVD", id: "CVE-2014-0112", trust: 1, value: "HIGH", }, { author: "IPA", id: "JVNDB-2014-000045", trust: 0.8, value: "High", }, { author: "CNNVD", id: "CNNVD-201404-445", trust: 0.6, value: "HIGH", }, { author: "VULMON", id: "CVE-2014-0112", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "VULMON", id: "CVE-2014-0112", }, { db: "JVNDB", id: "JVNDB-2014-000045", }, { db: "CNNVD", id: "CNNVD-201404-445", }, { db: "NVD", id: "CVE-2014-0112", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "ParametersInterceptor in Apache Struts before 2.3.20 does not properly restrict access to the getClass method, which allows remote attackers to \"manipulate\" the ClassLoader and execute arbitrary code via a crafted request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-0094. Apache Struts provided by the Apache Software Foundation is a software framework for creating Java web applications. Apache Struts contains a vulnerability where the ClassLoader may be manipulated. NTT-CERT reported this vulnerability to IPA. \nAn attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Summary:\n\nA minor version update (from 7.2 to 7.3) is now available for Red Hat Fuse. \nThe purpose of this text-only errata is to inform you about the security\nissues fixed in this release. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. Description:\n\nThis release of Red Hat Fuse 7.3 serves as a replacement for Red Hat Fuse\n7.2, and includes bug fixes and enhancements, which are documented in the\nRelease Notes document linked to in the References. \n\nSecurity Fix(es):\n\n* jackson-databind: A deserialization flaw was discovered in the\njackson-databind which could allow an unauthenticated user to perform code\nexecution by sending the maliciously crafted input to the readValue method\nof the ObjectMapper. (CVE-2017-7525)\n\n* struts2: ClassLoader manipulation via request parameters (CVE-2014-0112)\n\n* jetty: HTTP request smuggling (CVE-2017-7657)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, and other related information, refer to the CVE page(s) listed in\nthe References section. Solution:\n\nBefore applying the update, back up your existing installation, including\nall applications, configuration files, databases and database settings, and\nso on. \n\nInstallation instructions are available from the Fuse 7.3.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.3/\n\n4. Bugs fixed (https://bugzilla.redhat.com/):\n\n1091939 - CVE-2014-0112 struts2: ClassLoader manipulation via request parameters\n1462702 - CVE-2017-7525 jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper\n1595620 - CVE-2017-7657 jetty: HTTP request smuggling\n\n5. Contact:\n\nThe Red Hat security contact is <secalert@redhat.com>. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- ------------------------------------------------------------------------\n VMware Security Advisory\n\nAdvisory ID: VMSA-2014-0007\nSynopsis: VMware product updates address security vulnerabilities in \n Apache Struts library \nIssue date: 2014-06-24\nUpdated on: 2014-06-24 (Initial Advisory)\nCVE number: CVE-2014-0050, CVE-2014-0094, CVE-2014-0112\n- ------------------------------------------------------------------------\n\n1. Summary\n\n VMware product updates address security vulnerabilities in Apache \n Struts library\n\n2. Relevant releases\n\n VMware vCenter Operations Management Suite prior to 5.8.2\n\n3. Problem Description\n\n a. The Apache Struts library is updated to version 2.3.16.2 to \n address multiple security issues. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2014-0050, CVE-2014-0094, and\n CVE-2014-0112 to these issues. \n\n CVE-2014-0112 may lead to remote code execution. This issue was \n found to be only partially addressed in CVE-2014-0094. \n\n CVE-2014-0050 may lead to a denial of service condition. \n\n vCenter Operations Management Suite (vCOps) is affected by both \n CVE-2014-0112 and CVE-2014-0050. Exploitation of CVE-2014-0112\n may lead to remote code execution without authentication. \n\n vCenter Orchestrator (vCO) is affected by CVE-2014-0050 and not \n by CVE-2014-0112. \n\n Workaround\n\n A workaround for CVE-2014-0112 is documented in VMware Knowledge Base\n article 2081470. \n\n\n Column 4 of the following table lists the action required to\n remediate the vulnerability in each release, if a solution is \n available. \n\n VMware Product\tRunning\tReplace with/\n Product Version\ton\tApply Patch\n ============= =======\t=======\t=================\n vCOPS\t 5.8.x \tany \tvCOPS 5.8.2\n vCOPS 5.7.x any patch pending *\n\n vCO 5.5 any patch pending\n vCO 5.1 any patch pending\n vCO 4.2 any patch pending\n\n *Customers are advised to apply the workaround or update to vCOps\n5.8.2. \n\n4. Solution\n\n Please review the patch/release notes for your product and version \n and verify the checksum of your downloaded file. \n\n vCenter Operations Management Suite 5.8.2\n -----------------------------------------\n Downloads and Documentation:\n https://www.vmware.com/go/download-vcops\n \n5. References\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0094\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0112\n\n http://kb.vmware.com/kb/2081470\n\n- ------------------------------------------------------------------------\n\n6. Change log\n\n 2014-06-24 VMSA-2014-0007\n Initial security advisory in conjunction with the release of vCenter\n Operations Management Suite 5.8.2 on 2014-06-24. \n\n- ------------------------------------------------------------------------\n\n7. Contact\n\n E-mail list for product security notifications and announcements:\n http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\n This Security Advisory is posted to the following lists:\n\n security-announce at lists.vmware.com\n bugtraq at securityfocus.com\n fulldisclosure at seclists.org\n\n E-mail: security at vmware.com\n PGP key at: http://kb.vmware.com/kb/1055\n\n VMware Security Advisories\n http://www.vmware.com/security/advisories\n\n VMware Security Response Policy\n https://www.vmware.com/support/policies/security_response.html\n\n VMware Lifecycle Support Phases\n https://www.vmware.com/support/policies/lifecycle.html\n \n Twitter\n https://twitter.com/VMwareSRC\n\n Copyright 2014 VMware Inc. All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: Encryption Desktop 10.3.2 (Build 15337)\nCharset: utf-8\n\nwj8DBQFTqi0BDEcm8Vbi9kMRAnCKAJ9otVO7DlXuMnSEGh2TLBzS5hniKgCeMnAM\nCZ5+DYZAydCjMwVgtKqoo7Y=\n=Vwu5\n-----END PGP SIGNATURE-----\n", sources: [ { db: "NVD", id: "CVE-2014-0112", }, { db: "JVNDB", id: "JVNDB-2014-000045", }, { db: "BID", id: "67064", }, { db: "VULMON", id: "CVE-2014-0112", }, { db: "PACKETSTORM", id: "152687", }, { db: "PACKETSTORM", id: "127215", }, ], trust: 2.16, }, exploit_availability: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { reference: "https://vulmon.com/exploitdetails?qidtp=exploitdb&qid=33142", trust: 0.2, type: "exploit", }, ], sources: [ { db: "VULMON", id: "CVE-2014-0112", }, ], }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2014-0112", trust: 3, }, { db: "JVN", id: "JVN19294237", trust: 2.5, }, { db: "JVNDB", id: "JVNDB-2014-000045", trust: 2.5, }, { db: "BID", id: "67064", trust: 2, }, { db: "PACKETSTORM", id: "127215", trust: 1.8, }, { db: "SECUNIA", id: "59500", trust: 1.7, }, { db: "SECUNIA", id: "59178", trust: 1.7, }, { db: "CERT/CC", id: "VU#719225", trust: 0.8, }, { db: "PACKETSTORM", id: "152687", trust: 0.7, }, { db: "AUSCERT", id: "ESB-2019.1493", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-201404-445", trust: 0.6, }, { db: "EXPLOITDB", id: "33142", trust: 0.1, }, { db: "VULMON", id: "CVE-2014-0112", trust: 0.1, }, ], sources: [ { db: "VULMON", id: "CVE-2014-0112", }, { db: "BID", id: "67064", }, { db: "JVNDB", id: "JVNDB-2014-000045", }, { db: "PACKETSTORM", id: "152687", }, { db: "PACKETSTORM", id: "127215", }, { db: "CNNVD", id: "CNNVD-201404-445", }, { db: "NVD", id: "CVE-2014-0112", }, ], }, id: "VAR-201404-0286", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.1875, }, last_update_date: "2024-04-19T20:14:12.803000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Announcements - 2013 24 April 2014 - Struts up to 2.3.16.1: Zero-Day Exploit Mitigation", trust: 0.8, url: "http://struts.apache.org/announce.html#a20140424", }, { title: "Security Bulletins S2-020", trust: 0.8, url: "http://struts.apache.org/release/2.3.x/docs/s2-020.html", }, { title: "Security Bulletins S2-021", trust: 0.8, url: "http://struts.apache.org/release/2.3.x/docs/s2-021.html", }, { title: "Download a Release of Apache Struts -- Full Releases Struts 2.3.16.2", trust: 0.8, url: "http://struts.apache.org/download.cgi#struts23162", }, { title: "struts-1.2.9-4jpp.8.AXS3 ", trust: 0.8, url: "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata&a=detail&eid=3678&stype=&sproduct=&published=1", }, { title: "Interstage Application Development Cycle Manager(ADM): Apache Struts vulnerable (CVE-2014-0094)", trust: 0.8, url: "http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_aplidevcyclemgr_201401.html", }, { title: "CVE-2014-0094, CVE-2014-0114: Apache Struts vulnerable to ClassLoader manipulation", trust: 0.8, url: "http://www.fujitsu.com/global/support/products/software/security/products-f/cve2014-0094-0114e.html", }, { title: "Interstage Business Process Manager Analytics, Systemwalker Service Quality Coordinator: Vulnerability of allowing attackers to \"manipulate\" the ClassLoader (CVE-2014-0094). May 20th, 2014", trust: 0.8, url: "http://www.fujitsu.com/global/support/products/software/security/products-f/interstage-bpma201401e.html", }, { title: "Symfoware Server (Open Interface) : Security vulnerabilities of Struts (CVE-2014-0094, CVE-2014-0112, CVE-2014-0113, CVE-2014-0116)", trust: 0.8, url: "http://software.fujitsu.com/jp/security/products-fujitsu/solution/symfoware_201402.html", }, { title: "Interstage Interaction Manager: Struts1 vulnerability (CVE-2014-0094)", trust: 0.8, url: "http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_im_201401.html", }, { title: "Interstage Mobile Manager: Struts1 vulnerability (CVE-2014-0094)", trust: 0.8, url: "http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_mm_201401.html", }, { title: "FUJITSU Integrated System HA Database Ready: Struts2 vulnerabilities (CVE-2014-0094,CVE-2014-0112,CVE-2014-0113,CVE-2014-0116)", trust: 0.8, url: "http://software.fujitsu.com/jp/security/products-fujitsu/solution/ha_db_ready_201401.html", }, { title: "1680848", trust: 0.8, url: "http://www-01.ibm.com/support/docview.wss?uid=swg21680848", }, { title: "1681190", trust: 0.8, url: "http://www-01.ibm.com/support/docview.wss?uid=swg21681190", }, { title: "2081470", trust: 0.8, url: "http://kb.vmware.com/selfservice/microsites/search.do?language=en_us&cmd=displaykc&externalid=2081470", }, { title: "NV15-001", trust: 0.8, url: "http://jpn.nec.com/security-info/secinfo/nv15-001.html", }, { title: "Oracle Critical Patch Update Advisory - April 2015", trust: 0.8, url: "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html", }, { title: "Text Form of Oracle Critical Patch Update - April 2015 Risk Matrices", trust: 0.8, url: "http://www.oracle.com/technetwork/topics/security/cpuapr2015verbose-2365613.html", }, { title: "Bug 1091939", trust: 0.8, url: "https://bugzilla.redhat.com/show_bug.cgi?id=1091939", }, { title: "Huawei-SA-20140707-01-Struts2", trust: 0.8, url: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-350733.htm", }, { title: "April 2015 Critical Patch Update Released", trust: 0.8, url: "https://blogs.oracle.com/security/entry/april_2015_critical_patch_update", }, { title: "Alert/Advisory: Multiple Vulnerabilities in Apache Struts on Trend Micro Products", trust: 0.8, url: "http://esupport.trendmicro.com/solution/ja-jp/1103321.aspx", }, { title: "VMSA-2014-0007", trust: 0.8, url: "http://www.vmware.com/security/advisories/vmsa-2014-0007.html", }, { title: "Red Hat: Important: Red Hat Fuse 7.3 security update", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=rhsa-20190910 - security advisory", }, { title: "Red Hat: CVE-2014-0112", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=cve-2014-0112", }, { title: "VMware Security Advisories: VMware product updates address security vulnerabilities in Apache Struts library", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories&qid=3f8f92a767d3e2773247be2d5077cbee", }, { title: "Oracle: Oracle Critical Patch Update Advisory - April 2015", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories&qid=4b527561ba1a5de7a529c8a93679f585", }, { title: "strutt-cve-2014-0114", trust: 0.1, url: "https://github.com/anob3it/strutt-cve-2014-0114 ", }, { title: "-maven-security-versions", trust: 0.1, url: "https://github.com/nagauker/-maven-security-versions ", }, { title: "maven-security-versions-Travis", trust: 0.1, url: "https://github.com/klee94/maven-security-versions-travis ", }, { title: "maven-security-versions", trust: 0.1, url: "https://github.com/victims/maven-security-versions ", }, { title: "victims", trust: 0.1, url: "https://github.com/tmpgit3000/victims ", }, { title: "victims", trust: 0.1, url: "https://github.com/alexsh88/victims ", }, { title: "Threatpost", trust: 0.1, url: "https://threatpost.com/vmware-patches-apache-struts-flaws-in-vcops/106858/", }, ], sources: [ { db: "VULMON", id: "CVE-2014-0112", }, { db: "JVNDB", id: "JVNDB-2014-000045", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-264", trust: 1, }, { problemtype: "CWE-DesignError", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2014-000045", }, { db: "NVD", id: "CVE-2014-0112", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.5, url: "http://jvn.jp/en/jp/jvn19294237/index.html", }, { trust: 2.5, url: "https://access.redhat.com/errata/rhsa-2019:0910", }, { trust: 2.4, url: "http://www.securityfocus.com/bid/67064", }, { trust: 2.3, url: "http://packetstormsecurity.com/files/127215/vmware-security-advisory-2014-0007.html", }, { trust: 2.3, url: "http://www.vmware.com/security/advisories/vmsa-2014-0007.html", }, { trust: 1.7, url: "http://jvndb.jvn.jp/jvndb/jvndb-2014-000045", }, { trust: 1.7, url: "https://bugzilla.redhat.com/show_bug.cgi?id=1091939", }, { trust: 1.7, url: "https://cwiki.apache.org/confluence/display/ww/s2-021", }, { trust: 1.7, url: "http://secunia.com/advisories/59500", }, { trust: 1.7, url: "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html", }, { trust: 1.7, url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676706", }, { trust: 1.7, url: "http://secunia.com/advisories/59178", }, { trust: 1.7, url: "http://www.securityfocus.com/archive/1/532549/100/0/threaded", }, { trust: 1.7, url: "http://www.securityfocus.com/archive/1/531952/100/0/threaded", }, { trust: 0.9, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0094", }, { trust: 0.9, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0112", }, { trust: 0.8, url: "http://www.ipa.go.jp/security/ciadr/vul/20140417-struts.html", }, { trust: 0.8, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0094", }, { trust: 0.8, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0112", }, { trust: 0.8, url: "http://www.konakart.com/downloads/ver-7-3-0-0-whats-new/", }, { trust: 0.8, url: "http://www.kb.cert.org/vuls/id/719225", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/152687/red-hat-security-advisory-2019-0910-01.html", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/80006", }, { trust: 0.3, url: "http://struts.apache.org/", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2014-0112", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2014-0112", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/264.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://threatpost.com/vmware-patches-apache-struts-flaws-in-vcops/106858/", }, { trust: 0.1, url: "https://www.exploit-db.com/exploits/33142/", }, { trust: 0.1, url: "http://tools.cisco.com/security/center/viewalert.x?alertid=38390", }, { trust: 0.1, url: "https://www.redhat.com/mailman/listinfo/rhsa-announce", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2017-7657", }, { trust: 0.1, url: "https://access.redhat.com/documentation/en-us/red_hat_fuse/7.3/html-single/release_notes/", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2017-7525", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2017-7525", }, { trust: 0.1, url: "https://bugzilla.redhat.com/):", }, { trust: 0.1, url: "https://access.redhat.com/security/updates/classification/#important", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2017-7657", }, { trust: 0.1, url: "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=distributions&product=jboss.fuse&version=7.3.0", }, { trust: 0.1, url: "https://access.redhat.com/security/team/contact/", }, { trust: 0.1, url: "https://access.redhat.com/documentation/en-us/red_hat_fuse/7.3/", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0050", }, { trust: 0.1, url: "https://twitter.com/vmwaresrc", }, { trust: 0.1, url: "https://www.vmware.com/support/policies/lifecycle.html", }, { trust: 0.1, url: "http://kb.vmware.com/kb/2081470", }, { trust: 0.1, url: "http://kb.vmware.com/kb/1055", }, { trust: 0.1, url: "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce", }, { trust: 0.1, url: "https://www.vmware.com/support/policies/security_response.html", }, { trust: 0.1, url: "http://www.vmware.com/security/advisories", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2014-0050", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2014-0094", }, { trust: 0.1, url: "https://www.vmware.com/go/download-vcops", }, ], sources: [ { db: "VULMON", id: "CVE-2014-0112", }, { db: "BID", id: "67064", }, { db: "JVNDB", id: "JVNDB-2014-000045", }, { db: "PACKETSTORM", id: "152687", }, { db: "PACKETSTORM", id: "127215", }, { db: "CNNVD", id: "CNNVD-201404-445", }, { db: "NVD", id: "CVE-2014-0112", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULMON", id: "CVE-2014-0112", }, { db: "BID", id: "67064", }, { db: "JVNDB", id: "JVNDB-2014-000045", }, { db: "PACKETSTORM", id: "152687", }, { db: "PACKETSTORM", id: "127215", }, { db: "CNNVD", id: "CNNVD-201404-445", }, { db: "NVD", id: "CVE-2014-0112", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2014-04-29T00:00:00", db: "VULMON", id: "CVE-2014-0112", }, { date: "2014-04-24T00:00:00", db: "BID", id: "67064", }, { date: "2014-04-25T00:00:00", db: "JVNDB", id: "JVNDB-2014-000045", }, { date: "2019-04-30T16:20:15", db: "PACKETSTORM", id: "152687", }, { date: "2014-06-25T21:34:12", db: "PACKETSTORM", id: "127215", }, { date: "2014-04-24T00:00:00", db: "CNNVD", id: "CNNVD-201404-445", }, { date: "2014-04-29T10:37:03.670000", db: "NVD", id: "CVE-2014-0112", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-08-12T00:00:00", db: "VULMON", id: "CVE-2014-0112", }, { date: "2015-04-16T18:14:00", db: "BID", id: "67064", }, { date: "2015-05-08T00:00:00", db: "JVNDB", id: "JVNDB-2014-000045", }, { date: "2019-08-14T00:00:00", db: "CNNVD", id: "CNNVD-201404-445", }, { date: "2019-08-12T21:15:12.360000", db: "NVD", id: "CVE-2014-0112", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201404-445", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Apache Struts vulnerable to ClassLoader manipulation", sources: [ { db: "JVNDB", id: "JVNDB-2014-000045", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "permissions and access control issues", sources: [ { db: "CNNVD", id: "CNNVD-201404-445", }, ], trust: 0.6, }, }
var-201405-0502
Vulnerability from variot
CookieInterceptor in Apache Struts 2.x before 2.3.20, when a wildcard cookiesName value is used, does not properly restrict access to the getClass method, which allows remote attackers to "manipulate" the ClassLoader and modify session state via a crafted request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-0113. This vulnerability CVE-2014-0113 Vulnerability due to insufficient fix for.Through a crafted request by a third party, ClassLoader The " operation " And the session state may change. Apache Struts is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Apache Struts versions 2.0.0 through 2.3.16.2 are vulnerable
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201405-0502", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "struts", scope: "eq", trust: 1.6, vendor: "apache", version: "2.3.15.2", }, { model: "struts", scope: "eq", trust: 1.6, vendor: "apache", version: "2.3.7", }, { model: "struts", scope: "eq", trust: 1.6, vendor: "apache", version: "2.3.15.1", }, { model: "struts", scope: "eq", trust: 1.6, vendor: "apache", version: "2.3.4", }, { model: "struts", scope: "eq", trust: 1.6, vendor: "apache", version: "2.3.15.3", }, { model: "struts", scope: "eq", trust: 1.6, vendor: "apache", version: "2.3.8", }, { model: "struts", scope: "eq", trust: 1.6, vendor: "apache", version: "2.3.3", }, { model: "struts", scope: "eq", trust: 1.6, vendor: "apache", version: "2.3.16.2", }, { model: "struts", scope: "eq", trust: 1.6, vendor: "apache", version: "2.3.16.1", }, { model: "struts", scope: "eq", trust: 1.6, vendor: "apache", version: "2.3.4.1", }, { model: "struts", scope: "eq", trust: 1, vendor: "apache", version: "2.0.6", }, { model: "struts", scope: "eq", trust: 1, vendor: "apache", version: "2.1.8.1", }, { model: "struts", scope: "eq", trust: 1, vendor: "apache", version: "2.1.5", }, { model: "struts", scope: "eq", trust: 1, vendor: "apache", version: "2.3.12", }, { model: "struts", scope: "eq", trust: 1, vendor: "apache", version: "2.3.14", }, { model: "struts", scope: "eq", trust: 1, vendor: "apache", version: "2.3.14.2", }, { model: "struts", scope: "eq", trust: 1, vendor: "apache", version: "2.2.1", }, { model: "struts", scope: "eq", trust: 1, vendor: "apache", version: "2.0.9", }, { model: "struts", scope: "eq", trust: 1, vendor: "apache", version: "2.3.15", }, { model: "struts", scope: "eq", trust: 1, vendor: "apache", version: "2.0.11", }, { model: "struts", scope: "eq", trust: 1, vendor: "apache", version: "2.0.7", }, { model: "struts", scope: "eq", trust: 1, vendor: "apache", version: "2.0.5", }, { model: "struts", scope: "eq", trust: 1, vendor: "apache", version: "2.1.4", }, { model: "struts", scope: "eq", trust: 1, vendor: "apache", version: "2.3.1.1", }, { model: "struts", scope: "eq", trust: 1, vendor: "apache", version: "2.1.0", }, { model: "struts", scope: "eq", trust: 1, vendor: "apache", version: "2.2.1.1", }, { model: "struts", scope: "eq", trust: 1, vendor: "apache", version: "2.1.1", }, { model: "struts", scope: "eq", trust: 1, vendor: "apache", version: "2.2.3", }, { model: "struts", scope: "eq", trust: 1, vendor: "apache", version: "2.0.11.2", }, { model: "struts", scope: "eq", trust: 1, vendor: "apache", version: "2.0.14", }, { model: "struts", scope: "eq", trust: 1, vendor: "apache", version: "2.2.3.1", }, { model: "struts", scope: "eq", trust: 1, vendor: "apache", version: "2.0.11.1", }, { model: "struts", scope: "eq", trust: 1, vendor: "apache", version: "2.0.10", }, { model: "struts", scope: "eq", trust: 1, vendor: "apache", version: "2.0.4", }, { model: "struts", scope: "eq", trust: 1, vendor: "apache", version: "2.0.3", }, { model: "struts", scope: "eq", trust: 1, vendor: "apache", version: "2.0.8", }, { model: "struts", scope: "eq", trust: 1, vendor: "apache", version: "2.3.14.1", }, { model: "struts", scope: "eq", trust: 1, vendor: "apache", version: "2.1.8", }, { model: "struts", scope: "eq", trust: 1, vendor: "apache", version: "2.1.2", }, { model: "struts", scope: "eq", trust: 1, vendor: "apache", version: "2.0.2", }, { model: "struts", scope: "eq", trust: 1, vendor: "apache", version: "2.0.13", }, { model: "struts", scope: "eq", trust: 1, vendor: "apache", version: "2.3.16", }, { model: "struts", scope: "eq", trust: 1, vendor: "apache", version: "2.0.0", }, { model: "struts", scope: "eq", trust: 1, vendor: "apache", version: "2.1.6", }, { model: "struts", scope: "eq", trust: 1, vendor: "apache", version: "2.3.14.3", }, { model: "struts", scope: "eq", trust: 1, vendor: "apache", version: "2.0.12", }, { model: "struts", scope: "eq", trust: 1, vendor: "apache", version: "2.1.3", }, { model: "struts", scope: "eq", trust: 1, vendor: "apache", version: "2.0.1", }, { model: "struts", scope: "eq", trust: 1, vendor: "apache", version: "2.3.1", }, { model: "struts", scope: "eq", trust: 1, vendor: "apache", version: "2.3.1.2", }, { model: "webotx portal", scope: "eq", trust: 0.8, vendor: "nec", version: "v9.1", }, { model: "infocage", scope: "eq", trust: 0.8, vendor: "nec", version: "security risk management v1.0.0 to v2.1.3", }, { model: "serverview", scope: "eq", trust: 0.8, vendor: "fujitsu", version: "resource orchestrator", }, { model: "interstage service integrator", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "struts", scope: "eq", trust: 0.8, vendor: "apache", version: "2.3.16.3", }, { model: "webotx", scope: "eq", trust: 0.8, vendor: "nec", version: "web edition v5.1 to v5.2", }, { model: "interstage application server", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "interstage apworks", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "connections", scope: "eq", trust: 0.8, vendor: "ibm", version: "4.5", }, { model: "systemwalker software configuration manager", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "infocage", scope: "eq", trust: 0.8, vendor: "nec", version: "pc security", }, { model: "webotx application server", scope: "eq", trust: 0.8, vendor: "nec", version: "v7.1", }, { model: "symfoware", scope: "eq", trust: 0.8, vendor: "fujitsu", version: "analytics server", }, { model: "interstage application framework suite", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "interstage application development cycle manager", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "struts", scope: "lt", trust: 0.8, vendor: "apache", version: "2.x", }, { model: "webotx", scope: "eq", trust: 0.8, vendor: "nec", version: "rfid manager lite v2.0", }, { model: "interstage", scope: "eq", trust: 0.8, vendor: "fujitsu", version: "business analytics modeling server", }, { model: "mysql", scope: "lte", trust: 0.8, vendor: "oracle", version: "enterprise monitor 3.0.10 and earlier", }, { model: "webotx portal", scope: "eq", trust: 0.8, vendor: "nec", version: "v8.3 to v8.4", }, { model: "webotx", scope: "eq", trust: 0.8, vendor: "nec", version: "web edition v6.1 to v6.5", }, { model: "webotx", scope: "eq", trust: 0.8, vendor: "nec", version: "enterprise edition v6.1 to v6.5", }, { model: "systemwalker service catalog manager", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "esmpro/servermanager", scope: "lte", trust: 0.8, vendor: "nec", version: "ver5.75 and earlier", }, { model: "cloud infrastructure management software", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "webotx", scope: "eq", trust: 0.8, vendor: "nec", version: "st ard-j edition v5.1 to v5.2", }, { model: "connections", scope: "eq", trust: 0.8, vendor: "ibm", version: "4.0", }, { model: "mysql", scope: "lte", trust: 0.8, vendor: "oracle", version: "enterprise monitor 2.3.16 and earlier", }, { model: "interstage", scope: "eq", trust: 0.8, vendor: "fujitsu", version: "business process manager analytics", }, { model: "integrated system ha database ready", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "triole", scope: "eq", trust: 0.8, vendor: "fujitsu", version: "cloud middle set b set", }, { model: "webotx", scope: "eq", trust: 0.8, vendor: "nec", version: "rfid manager st ard v2.0", }, { model: "webotx", scope: "eq", trust: 0.8, vendor: "nec", version: "st ard-j edition v6.1 to v6.5", }, { model: "webotx", scope: "eq", trust: 0.8, vendor: "nec", version: "st ard edition v6.1 to v6.5", }, { model: "connections", scope: "lte", trust: 0.8, vendor: "ibm", version: "3.0.1.1 and earlier", }, { model: "interstage studio", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "webotx", scope: "eq", trust: 0.8, vendor: "nec", version: "rfid manager enterprise v7.1", }, { model: "interstage", scope: "eq", trust: 0.8, vendor: "fujitsu", version: "extreme transaction processing server", }, { model: "interstage business application server", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "connections", scope: "eq", trust: 0.8, vendor: "ibm", version: "5.0", }, { model: "webotx", scope: "eq", trust: 0.8, vendor: "nec", version: "st ard edition v5.1 to v5.2", }, { model: "webotx developer", scope: "eq", trust: 0.8, vendor: "nec", version: "\"v8.2 to v8.4 (with developers studio only )\"", }, { model: "interstage", scope: "eq", trust: 0.8, vendor: "fujitsu", version: "mobile manager", }, { model: "systemwalker service quality coordinator", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "symfoware", scope: "eq", trust: 0.8, vendor: "fujitsu", version: "server", }, { model: "webotx", scope: "eq", trust: 0.8, vendor: "nec", version: "enterprise edition v5.1 to v5.2", }, { model: "webotx developer", scope: "eq", trust: 0.8, vendor: "nec", version: "\"v9.1 to v9.2 (with developers studio only )\"", }, { model: "interstage job workload server", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.1", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.11", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.3.1.2", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.2.11", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.7", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.1.8", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.2", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.1.4", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.3", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.6", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.5", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.14", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.2.3.1", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.9", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.8", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.1.1", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.3.1.1", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.1", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.1.3", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.1.8.1", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.4", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.1.2", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.1.5", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.12", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.1.6", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.13", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.10", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.11.2", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.11.1", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.2.3", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.2", }, ], sources: [ { db: "BID", id: "67218", }, { db: "JVNDB", id: "JVNDB-2014-002411", }, { db: "NVD", id: "CVE-2014-0116", }, { db: "CNNVD", id: "CNNVD-201405-150", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:apache:struts:2.0.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:struts:2.0.10:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:struts:2.0.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:struts:2.0.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:struts:2.1.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:struts:2.1.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:struts:2.2.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:struts:2.2.1.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:struts:2.3.14:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:struts:2.3.14.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:struts:2.3.16:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:struts:2.3.16.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:struts:2.3.16.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:struts:2.0.11.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:struts:2.0.12:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:struts:2.0.6:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:struts:2.0.7:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:struts:2.1.5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:struts:2.1.6:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:struts:2.3.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:struts:2.3.1.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:struts:2.3.15:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:struts:2.3.15.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:struts:2.3.4.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:struts:2.3.7:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:struts:2.0.11:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:struts:2.0.11.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:struts:2.0.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:struts:2.0.5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:struts:2.1.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:struts:2.1.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:struts:2.1.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:struts:2.2.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:struts:2.2.3.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:struts:2.3.14.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:struts:2.3.14.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:struts:2.0.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:struts:2.0.13:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:struts:2.0.14:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:struts:2.0.8:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:struts:2.0.9:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:struts:2.1.8:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:struts:2.1.8.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:struts:2.3.1.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:struts:2.3.12:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:struts:2.3.15.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:struts:2.3.15.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:struts:2.3.8:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:struts:2.3.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:struts:2.3.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2014-0116", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Zubair Ashraf of IBM X-Force", sources: [ { db: "BID", id: "67218", }, ], trust: 0.3, }, cve: "CVE-2014-0116", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "NONE", exploitabilityScore: 8.6, impactScore: 4.9, integrityImpact: "PARTIAL", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Medium", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "Partial", baseScore: 5.8, confidentialityImpact: "None", exploitabilityScore: null, id: "CVE-2014-0116", impactScore: null, integrityImpact: "Partial", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Medium", trust: 0.9, userInteractionRequired: null, vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:P", version: "2.0", }, ], cvssV3: [], severity: [ { author: "NVD", id: "CVE-2014-0116", trust: 1.8, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-201405-150", trust: 0.6, value: "MEDIUM", }, { author: "VULMON", id: "CVE-2014-0116", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "VULMON", id: "CVE-2014-0116", }, { db: "JVNDB", id: "JVNDB-2014-002411", }, { db: "NVD", id: "CVE-2014-0116", }, { db: "CNNVD", id: "CNNVD-201405-150", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "CookieInterceptor in Apache Struts 2.x before 2.3.20, when a wildcard cookiesName value is used, does not properly restrict access to the getClass method, which allows remote attackers to \"manipulate\" the ClassLoader and modify session state via a crafted request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-0113. This vulnerability CVE-2014-0113 Vulnerability due to insufficient fix for.Through a crafted request by a third party, ClassLoader The \" operation \" And the session state may change. Apache Struts is prone to a security-bypass vulnerability. \nAn attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. \nApache Struts versions 2.0.0 through 2.3.16.2 are vulnerable", sources: [ { db: "NVD", id: "CVE-2014-0116", }, { db: "JVNDB", id: "JVNDB-2014-002411", }, { db: "BID", id: "67218", }, { db: "VULMON", id: "CVE-2014-0116", }, ], trust: 1.98, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2014-0116", trust: 2.8, }, { db: "BID", id: "67218", trust: 2, }, { db: "SECUNIA", id: "59816", trust: 1.7, }, { db: "JVNDB", id: "JVNDB-2014-002411", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-201405-150", trust: 0.6, }, { db: "VULMON", id: "CVE-2014-0116", trust: 0.1, }, ], sources: [ { db: "VULMON", id: "CVE-2014-0116", }, { db: "BID", id: "67218", }, { db: "JVNDB", id: "JVNDB-2014-002411", }, { db: "NVD", id: "CVE-2014-0116", }, { db: "CNNVD", id: "CNNVD-201405-150", }, ], }, id: "VAR-201405-0502", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.1875, }, last_update_date: "2023-12-18T12:38:15.993000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "1680848", trust: 0.8, url: "http://www-01.ibm.com/support/docview.wss?uid=swg21680848", }, { title: "1681190", trust: 0.8, url: "http://www-01.ibm.com/support/docview.wss?uid=swg21681190", }, { title: "NV15-001", trust: 0.8, url: "http://jpn.nec.com/security-info/secinfo/nv15-001.html", }, { title: "Oracle Critical Patch Update Advisory - April 2015", trust: 0.8, url: "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html", }, { title: "Text Form of Oracle Critical Patch Update - April 2015 Risk Matrices", trust: 0.8, url: "http://www.oracle.com/technetwork/topics/security/cpuapr2015verbose-2365613.html", }, { title: "Bug 1094558", trust: 0.8, url: "https://bugzilla.redhat.com/show_bug.cgi?id=1094558", }, { title: "Huawei-SA-20140707-01-Struts2", trust: 0.8, url: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-350733.htm", }, { title: "April 2015 Critical Patch Update Released", trust: 0.8, url: "https://blogs.oracle.com/security/entry/april_2015_critical_patch_update", }, { title: "S2-022", trust: 0.8, url: "http://struts.apache.org/release/2.3.x/docs/s2-022.html", }, { title: "CVE-2014-0094 他 に関する影響", trust: 0.8, url: "http://software.fujitsu.com/jp/security/vulnerabilities/cve2014-0094-0114.html", }, { title: "Symfoware Server(Openインタフェース): Strutsの脆弱性(CVE-2014-0094, CVE-2014-0112, CVE-2014-0113, CVE-2014-0116) (2014年6月2日)", trust: 0.8, url: "http://software.fujitsu.com/jp/security/products-fujitsu/solution/symfoware_201402.html", }, { title: "FUJITSU Integrated System HA Database Ready: Struts2の脆弱性(CVE-2014-0094,CVE-2014-0112,CVE-2014-0113,CVE-2014-0116) (2014年6月19日)", trust: 0.8, url: "http://software.fujitsu.com/jp/security/products-fujitsu/solution/ha_db_ready_201401.html", }, { title: "Red Hat: CVE-2014-0116", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=cve-2014-0116", }, { title: "Oracle: Oracle Critical Patch Update Advisory - April 2015", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories&qid=4b527561ba1a5de7a529c8a93679f585", }, { title: "-maven-security-versions", trust: 0.1, url: "https://github.com/nagauker/-maven-security-versions ", }, { title: "maven-security-versions-Travis", trust: 0.1, url: "https://github.com/klee94/maven-security-versions-travis ", }, { title: "maven-security-versions", trust: 0.1, url: "https://github.com/victims/maven-security-versions ", }, { title: "victims", trust: 0.1, url: "https://github.com/tmpgit3000/victims ", }, { title: "victims", trust: 0.1, url: "https://github.com/alexsh88/victims ", }, ], sources: [ { db: "VULMON", id: "CVE-2014-0116", }, { db: "JVNDB", id: "JVNDB-2014-002411", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-264", trust: 1.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2014-002411", }, { db: "NVD", id: "CVE-2014-0116", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.7, url: "http://struts.apache.org/release/2.3.x/docs/s2-022.html", }, { trust: 1.7, url: "http://www.securityfocus.com/bid/67218", }, { trust: 1.7, url: "http://secunia.com/advisories/59816", }, { trust: 1.7, url: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-350733.htm", }, { trust: 1.7, url: "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html", }, { trust: 0.8, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0116", }, { trust: 0.8, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0116", }, { trust: 0.3, url: "http://struts.apache.org/", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/264.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "http://tools.cisco.com/security/center/viewalert.x?alertid=34163", }, { trust: 0.1, url: "https://github.com/victims/maven-security-versions", }, ], sources: [ { db: "VULMON", id: "CVE-2014-0116", }, { db: "BID", id: "67218", }, { db: "JVNDB", id: "JVNDB-2014-002411", }, { db: "NVD", id: "CVE-2014-0116", }, { db: "CNNVD", id: "CNNVD-201405-150", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULMON", id: "CVE-2014-0116", }, { db: "BID", id: "67218", }, { db: "JVNDB", id: "JVNDB-2014-002411", }, { db: "NVD", id: "CVE-2014-0116", }, { db: "CNNVD", id: "CNNVD-201405-150", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2014-05-08T00:00:00", db: "VULMON", id: "CVE-2014-0116", }, { date: "2014-05-06T00:00:00", db: "BID", id: "67218", }, { date: "2014-05-09T00:00:00", db: "JVNDB", id: "JVNDB-2014-002411", }, { date: "2014-05-08T10:55:02.967000", db: "NVD", id: "CVE-2014-0116", }, { date: "2014-05-09T00:00:00", db: "CNNVD", id: "CNNVD-201405-150", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-08-12T00:00:00", db: "VULMON", id: "CVE-2014-0116", }, { date: "2015-04-16T18:14:00", db: "BID", id: "67218", }, { date: "2016-08-02T00:00:00", db: "JVNDB", id: "JVNDB-2014-002411", }, { date: "2019-08-12T21:15:12.703000", db: "NVD", id: "CVE-2014-0116", }, { date: "2019-08-15T00:00:00", db: "CNNVD", id: "CNNVD-201405-150", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201405-150", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Apache Struts of CookieInterceptor In ClassLoader Vulnerability manipulated", sources: [ { db: "JVNDB", id: "JVNDB-2014-002411", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "permissions and access control issues", sources: [ { db: "CNNVD", id: "CNNVD-201405-150", }, ], trust: 0.6, }, }
var-201403-0506
Vulnerability from variot
The ParametersInterceptor in Apache Struts before 2.3.16.2 allows remote attackers to "manipulate" the ClassLoader via the class parameter, which is passed to the getClass method. ** Delete ** This case JVNDB-2014-000045 It was removed because it was found to be duplicated. JVNDB-2014-000045 Please refer to. Apache Struts is prone to a security-bypass vulnerability because it fails to adequately handle user-supplied input. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Apache Struts versions 2.0.0 through 2.3.16 are vulnerable. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
VMware Security Advisory
Advisory ID: VMSA-2014-0007 Synopsis: VMware product updates address security vulnerabilities in Apache Struts library Issue date: 2014-06-24 Updated on: 2014-06-24 (Initial Advisory) CVE number: CVE-2014-0050, CVE-2014-0094, CVE-2014-0112
-
Summary
VMware product updates address security vulnerabilities in Apache Struts library
-
Relevant releases
VMware vCenter Operations Management Suite prior to 5.8.2
-
Problem Description
a. The Apache Struts library is updated to version 2.3.16.2 to address multiple security issues.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2014-0050, CVE-2014-0094, and
CVE-2014-0112 to these issues.
CVE-2014-0112 may lead to remote code execution. This issue was
found to be only partially addressed in CVE-2014-0094.
CVE-2014-0050 may lead to a denial of service condition.
vCenter Operations Management Suite (vCOps) is affected by both
CVE-2014-0112 and CVE-2014-0050. Exploitation of CVE-2014-0112
may lead to remote code execution without authentication.
vCenter Orchestrator (vCO) is affected by CVE-2014-0050 and not
by CVE-2014-0112.
Workaround
A workaround for CVE-2014-0112 is documented in VMware Knowledge Base
article 2081470.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======= ======= =================
vCOPS 5.8.x any vCOPS 5.8.2
vCOPS 5.7.x any patch pending *
vCO 5.5 any patch pending
vCO 5.1 any patch pending
vCO 4.2 any patch pending
*Customers are advised to apply the workaround or update to vCOps
5.8.2.
- Solution
Please review the patch/release notes for your product and version and verify the checksum of your downloaded file.
vCenter Operations Management Suite 5.8.2
Downloads and Documentation: https://www.vmware.com/go/download-vcops
- References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0094 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0112
http://kb.vmware.com/kb/2081470
- Change log
2014-06-24 VMSA-2014-0007 Initial security advisory in conjunction with the release of vCenter Operations Management Suite 5.8.2 on 2014-06-24.
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
security-announce at lists.vmware.com
bugtraq at securityfocus.com
fulldisclosure at seclists.org
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Advisories http://www.vmware.com/security/advisories
VMware Security Response Policy https://www.vmware.com/support/policies/security_response.html
VMware Lifecycle Support Phases https://www.vmware.com/support/policies/lifecycle.html
Twitter https://twitter.com/VMwareSRC
Copyright 2014 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: Encryption Desktop 10.3.2 (Build 15337) Charset: utf-8
wj8DBQFTqi0BDEcm8Vbi9kMRAnCKAJ9otVO7DlXuMnSEGh2TLBzS5hniKgCeMnAM CZ5+DYZAydCjMwVgtKqoo7Y= =Vwu5 -----END PGP SIGNATURE-----
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201403-0506", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "struts", scope: "lt", trust: 1.8, vendor: "apache", version: "2.3.16.1", }, { model: "struts", scope: "gte", trust: 1, vendor: "apache", version: "2.0.0", }, { model: "integrated system ha database ready", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "interstage", scope: "eq", trust: 0.8, vendor: "fujitsu", version: "business analytics modeling server", }, { model: "interstage", scope: "eq", trust: 0.8, vendor: "fujitsu", version: "business process manager analytics", }, { model: "interstage", scope: "eq", trust: 0.8, vendor: "fujitsu", version: "extreme transaction processing server", }, { model: "interstage", scope: "eq", trust: 0.8, vendor: "fujitsu", version: "mobile manager", }, { model: "interstage application development cycle manager", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "interstage application framework suite", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "interstage application server", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "interstage apworks", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "interstage business application server", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "interstage job workload server", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "interstage service integrator", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "interstage studio", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "serverview", scope: "eq", trust: 0.8, vendor: "fujitsu", version: "resource orchestrator", }, { model: "symfoware", scope: "eq", trust: 0.8, vendor: "fujitsu", version: "analytics server", }, { model: "symfoware", scope: "eq", trust: 0.8, vendor: "fujitsu", version: "server", }, { model: "systemwalker service catalog manager", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "systemwalker service quality coordinator", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "systemwalker software configuration manager", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "triole", scope: "eq", trust: 0.8, vendor: "fujitsu", version: "cloud middle set b set", }, { model: "cloud infrastructure management software", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "struts", scope: "eq", trust: 0.6, vendor: "apache", version: "2.3.12", }, { model: "struts", scope: "eq", trust: 0.6, vendor: "apache", version: "2.3.1", }, { model: "struts", scope: "eq", trust: 0.6, vendor: "apache", version: "2.3.14.2", }, { model: "struts", scope: "eq", trust: 0.6, vendor: "apache", version: "2.0.11.1", }, { model: "struts", scope: "eq", trust: 0.6, vendor: "apache", version: "2.3.15.1", }, { model: "struts", scope: "eq", trust: 0.6, vendor: "apache", version: "2.3.14", }, { model: "struts", scope: "eq", trust: 0.6, vendor: "apache", version: "2.3.15.3", }, { model: "struts", scope: "eq", trust: 0.6, vendor: "apache", version: "2.3.14.3", }, { model: "struts", scope: "eq", trust: 0.6, vendor: "apache", version: "2.3.15", }, { model: "struts", scope: "eq", trust: 0.6, vendor: "apache", version: "2.0.11.2", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.1", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.11", }, { model: "storwize unified", scope: "eq", trust: 0.3, vendor: "ibm", version: "v70001.3.0.0", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.3.1.2", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.2.11", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.7", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.1.8", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.2", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.1.4", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.3", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.6", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.5", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.14", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.2.3.1", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.9", }, { model: "storwize unified", scope: "eq", trust: 0.3, vendor: "ibm", version: "v70001.3.1.0", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.8", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.1.1", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.3.1.1", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.1", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.1.3", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.1.8.1", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.4", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.1.2", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.1.5", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.12", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.1.6", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.13", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.10", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.11.2", }, { model: "storwize unified", scope: "eq", trust: 0.3, vendor: "ibm", version: "v70001.3.0.5", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.11.1", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.2.3", }, { model: "software foundation struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.2", }, ], sources: [ { db: "BID", id: "65999", }, { db: "JVNDB", id: "JVNDB-2014-001603", }, { db: "CNNVD", id: "CNNVD-201403-191", }, { db: "NVD", id: "CVE-2014-0094", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.16.1", versionStartIncluding: "2.0.0", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2014-0094", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Mark Thomas and Przemyslaw Celej", sources: [ { db: "BID", id: "65999", }, ], trust: 0.3, }, cve: "CVE-2014-0094", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, impactScore: 2.9, integrityImpact: "PARTIAL", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, { acInsufInfo: null, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULMON", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CVE-2014-0094", impactScore: 2.9, integrityImpact: "PARTIAL", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "MEDIUM", trust: 0.1, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, ], cvssV3: [], severity: [ { author: "NVD", id: "CVE-2014-0094", trust: 1, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-201403-191", trust: 0.6, value: "MEDIUM", }, { author: "VULMON", id: "CVE-2014-0094", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "VULMON", id: "CVE-2014-0094", }, { db: "CNNVD", id: "CNNVD-201403-191", }, { db: "NVD", id: "CVE-2014-0094", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "The ParametersInterceptor in Apache Struts before 2.3.16.2 allows remote attackers to \"manipulate\" the ClassLoader via the class parameter, which is passed to the getClass method. ** Delete ** This case JVNDB-2014-000045 It was removed because it was found to be duplicated. JVNDB-2014-000045 Please refer to. Apache Struts is prone to a security-bypass vulnerability because it fails to adequately handle user-supplied input. \nAn attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. \nApache Struts versions 2.0.0 through 2.3.16 are vulnerable. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- ------------------------------------------------------------------------\n VMware Security Advisory\n\nAdvisory ID: VMSA-2014-0007\nSynopsis: VMware product updates address security vulnerabilities in \n Apache Struts library \nIssue date: 2014-06-24\nUpdated on: 2014-06-24 (Initial Advisory)\nCVE number: CVE-2014-0050, CVE-2014-0094, CVE-2014-0112\n- ------------------------------------------------------------------------\n\n1. Summary\n\n VMware product updates address security vulnerabilities in Apache \n Struts library\n\n2. Relevant releases\n\n VMware vCenter Operations Management Suite prior to 5.8.2\n\n3. Problem Description\n\n a. The Apache Struts library is updated to version 2.3.16.2 to \n address multiple security issues. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2014-0050, CVE-2014-0094, and\n CVE-2014-0112 to these issues. \n\n CVE-2014-0112 may lead to remote code execution. This issue was \n found to be only partially addressed in CVE-2014-0094. \n\n CVE-2014-0050 may lead to a denial of service condition. \n\n vCenter Operations Management Suite (vCOps) is affected by both \n CVE-2014-0112 and CVE-2014-0050. Exploitation of CVE-2014-0112\n may lead to remote code execution without authentication. \n\n vCenter Orchestrator (vCO) is affected by CVE-2014-0050 and not \n by CVE-2014-0112. \n\n Workaround\n\n A workaround for CVE-2014-0112 is documented in VMware Knowledge Base\n article 2081470. \n\n\n Column 4 of the following table lists the action required to\n remediate the vulnerability in each release, if a solution is \n available. \n\n VMware Product\tRunning\tReplace with/\n Product Version\ton\tApply Patch\n ============= =======\t=======\t=================\n vCOPS\t 5.8.x \tany \tvCOPS 5.8.2\n vCOPS 5.7.x any patch pending *\n\n vCO 5.5 any patch pending\n vCO 5.1 any patch pending\n vCO 4.2 any patch pending\n\n *Customers are advised to apply the workaround or update to vCOps\n5.8.2. \n\n4. Solution\n\n Please review the patch/release notes for your product and version \n and verify the checksum of your downloaded file. \n\n vCenter Operations Management Suite 5.8.2\n -----------------------------------------\n Downloads and Documentation:\n https://www.vmware.com/go/download-vcops\n \n5. References\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0094\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0112\n\n http://kb.vmware.com/kb/2081470\n\n- ------------------------------------------------------------------------\n\n6. Change log\n\n 2014-06-24 VMSA-2014-0007\n Initial security advisory in conjunction with the release of vCenter\n Operations Management Suite 5.8.2 on 2014-06-24. \n\n- ------------------------------------------------------------------------\n\n7. Contact\n\n E-mail list for product security notifications and announcements:\n http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\n This Security Advisory is posted to the following lists:\n\n security-announce at lists.vmware.com\n bugtraq at securityfocus.com\n fulldisclosure at seclists.org\n\n E-mail: security at vmware.com\n PGP key at: http://kb.vmware.com/kb/1055\n\n VMware Security Advisories\n http://www.vmware.com/security/advisories\n\n VMware Security Response Policy\n https://www.vmware.com/support/policies/security_response.html\n\n VMware Lifecycle Support Phases\n https://www.vmware.com/support/policies/lifecycle.html\n \n Twitter\n https://twitter.com/VMwareSRC\n\n Copyright 2014 VMware Inc. All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: Encryption Desktop 10.3.2 (Build 15337)\nCharset: utf-8\n\nwj8DBQFTqi0BDEcm8Vbi9kMRAnCKAJ9otVO7DlXuMnSEGh2TLBzS5hniKgCeMnAM\nCZ5+DYZAydCjMwVgtKqoo7Y=\n=Vwu5\n-----END PGP SIGNATURE-----\n", sources: [ { db: "NVD", id: "CVE-2014-0094", }, { db: "JVNDB", id: "JVNDB-2014-001603", }, { db: "BID", id: "65999", }, { db: "VULMON", id: "CVE-2014-0094", }, { db: "PACKETSTORM", id: "127215", }, ], trust: 2.07, }, exploit_availability: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { reference: "https://vulmon.com/exploitdetails?qidtp=exploitdb&qid=41690", trust: 0.2, type: "exploit", }, ], sources: [ { db: "VULMON", id: "CVE-2014-0094", }, ], }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2014-0094", trust: 2.9, }, { db: "SECTRACK", id: "1029876", trust: 2.4, }, { db: "BID", id: "65999", trust: 1.9, }, { db: "PACKETSTORM", id: "127215", trust: 1.7, }, { db: "JVN", id: "JVN19294237", trust: 1.6, }, { db: "SECUNIA", id: "56440", trust: 1.6, }, { db: "SECUNIA", id: "59178", trust: 1.6, }, { db: "JVNDB", id: "JVNDB-2014-000045", trust: 1.6, }, { db: "JVNDB", id: "JVNDB-2014-001603", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-201403-191", trust: 0.6, }, { db: "VULMON", id: "CVE-2014-0094", trust: 0.1, }, ], sources: [ { db: "VULMON", id: "CVE-2014-0094", }, { db: "BID", id: "65999", }, { db: "JVNDB", id: "JVNDB-2014-001603", }, { db: "PACKETSTORM", id: "127215", }, { db: "CNNVD", id: "CNNVD-201403-191", }, { db: "NVD", id: "CVE-2014-0094", }, ], }, id: "VAR-201403-0506", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.1875, }, last_update_date: "2024-04-20T19:59:14.400000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "S2-021", trust: 0.8, url: "http://struts.apache.org/release/2.3.x/docs/s2-021.html", }, { title: "S2-020", trust: 0.8, url: "http://struts.apache.org/release/2.3.x/docs/s2-020.html", }, { title: "CVE-2014-0094 他 に関する影響", trust: 0.8, url: "http://software.fujitsu.com/jp/security/vulnerabilities/cve2014-0094-0114.html", }, { title: "Interstage BPMA他 CVE-2014-0094", trust: 0.8, url: "http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_bpma201401.html", }, { title: "Interstage Application Development Cycle Manager(ADM): strutsの脆弱性(CVE-2014-0094) (2014年5月27日)", trust: 0.8, url: "http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_aplidevcyclemgr_201401.html", }, { title: "Symfoware Server(Openインタフェース): Strutsの脆弱性(CVE-2014-0094, CVE-2014-0112, CVE-2014-0113, CVE-2014-0116) (2014年6月2日)", trust: 0.8, url: "http://software.fujitsu.com/jp/security/products-fujitsu/solution/symfoware_201402.html", }, { title: "struts-2.3.16.1-all", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=48603", }, { title: "Debian CVElist Bug Report Logs: libstruts1.2-java: CVE-2014-0114", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=96f4091aa31a0ece729fdcb110066df5", }, { title: "Red Hat: CVE-2014-0094", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=cve-2014-0094", }, { title: "VMware Security Advisories: VMware product updates address security vulnerabilities in Apache Struts library", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories&qid=3f8f92a767d3e2773247be2d5077cbee", }, { title: "Oracle: Oracle Critical Patch Update Advisory - April 2015", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories&qid=4b527561ba1a5de7a529c8a93679f585", }, { title: "CVE-2014-0094-test-program-for-struts1", trust: 0.1, url: "https://github.com/hasegawatadamitsu/cve-2014-0094-test-program-for-struts1 ", }, ], sources: [ { db: "VULMON", id: "CVE-2014-0094", }, { db: "JVNDB", id: "JVNDB-2014-001603", }, { db: "CNNVD", id: "CNNVD-201403-191", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "NVD-CWE-noinfo", trust: 1, }, ], sources: [ { db: "NVD", id: "CVE-2014-0094", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.4, url: "http://www.securitytracker.com/id/1029876", }, { trust: 1.6, url: "http://jvn.jp/en/jp/jvn19294237/index.html", }, { trust: 1.6, url: "http://www.securityfocus.com/archive/1/532549/100/0/threaded", }, { trust: 1.6, url: "http://jvndb.jvn.jp/jvndb/jvndb-2014-000045", }, { trust: 1.6, url: "http://www.vmware.com/security/advisories/vmsa-2014-0007.html", }, { trust: 1.6, url: "http://www.securityfocus.com/archive/1/531362/100/0/threaded", }, { trust: 1.6, url: "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-350733.htm", }, { trust: 1.6, url: "http://secunia.com/advisories/59178", }, { trust: 1.6, url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676706", }, { trust: 1.6, url: "http://secunia.com/advisories/56440", }, { trust: 1.6, url: "http://www.securityfocus.com/bid/65999", }, { trust: 1.6, url: "http://packetstormsecurity.com/files/127215/vmware-security-advisory-2014-0007.html", }, { trust: 1.6, url: "http://www.konakart.com/downloads/ver-7-3-0-0-whats-new", }, { trust: 1.6, url: "http://struts.apache.org/release/2.3.x/docs/s2-020.html", }, { trust: 1.6, url: "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html", }, { trust: 0.9, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0094", }, { trust: 0.8, url: "http://www.ipa.go.jp/security/ciadr/vul/20140417-struts.html", }, { trust: 0.8, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0094", }, { trust: 0.3, url: "http://struts.apache.org/", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0050", }, { trust: 0.1, url: "https://twitter.com/vmwaresrc", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2014-0112", }, { trust: 0.1, url: "https://www.vmware.com/support/policies/lifecycle.html", }, { trust: 0.1, url: "http://kb.vmware.com/kb/2081470", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0112", }, { trust: 0.1, url: "http://kb.vmware.com/kb/1055", }, { trust: 0.1, url: "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce", }, { trust: 0.1, url: "https://www.vmware.com/support/policies/security_response.html", }, { trust: 0.1, url: "http://www.vmware.com/security/advisories", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2014-0050", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2014-0094", }, { trust: 0.1, url: "https://www.vmware.com/go/download-vcops", }, ], sources: [ { db: "BID", id: "65999", }, { db: "JVNDB", id: "JVNDB-2014-001603", }, { db: "PACKETSTORM", id: "127215", }, { db: "CNNVD", id: "CNNVD-201403-191", }, { db: "NVD", id: "CVE-2014-0094", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULMON", id: "CVE-2014-0094", }, { db: "BID", id: "65999", }, { db: "JVNDB", id: "JVNDB-2014-001603", }, { db: "PACKETSTORM", id: "127215", }, { db: "CNNVD", id: "CNNVD-201403-191", }, { db: "NVD", id: "CVE-2014-0094", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2014-03-11T00:00:00", db: "VULMON", id: "CVE-2014-0094", }, { date: "2014-03-06T00:00:00", db: "BID", id: "65999", }, { date: "2014-03-12T00:00:00", db: "JVNDB", id: "JVNDB-2014-001603", }, { date: "2014-06-25T21:34:12", db: "PACKETSTORM", id: "127215", }, { date: "2014-03-12T00:00:00", db: "CNNVD", id: "CNNVD-201403-191", }, { date: "2014-03-11T13:00:37.107000", db: "NVD", id: "CVE-2014-0094", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-08-12T00:00:00", db: "VULMON", id: "CVE-2014-0094", }, { date: "2015-07-15T00:14:00", db: "BID", id: "65999", }, { date: "2014-06-03T00:00:00", db: "JVNDB", id: "JVNDB-2014-001603", }, { date: "2019-08-15T00:00:00", db: "CNNVD", id: "CNNVD-201403-191", }, { date: "2019-08-12T21:15:12.140000", db: "NVD", id: "CVE-2014-0094", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201403-191", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "** Delete ** Apache Struts of ParametersInterceptor In ClassLoader Vulnerability manipulated", sources: [ { db: "JVNDB", id: "JVNDB-2014-001603", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "other", sources: [ { db: "CNNVD", id: "CNNVD-201403-191", }, ], trust: 0.6, }, }
var-202002-0484
Vulnerability from variot
The Fujitsu TLS library allows a man-in-the-middle attack. This affects Interstage Application Development Cycle Manager V10 and other versions, Interstage Application Server V12 and other versions, Interstage Business Application Manager V2 and other versions, Interstage Information Integrator V11 and other versions, Interstage Job Workload Server V8, Interstage List Works V10 and other versions, Interstage Studio V12 and other versions, Interstage Web Server Express V11, Linkexpress V5, Safeauthor V3, ServerView Resource Orchestrator V3, Systemwalker Cloud Business Service Management V1, Systemwalker Desktop Keeper V15, Systemwalker Desktop Patrol V15, Systemwalker IT Change Manager V14, Systemwalker Operation Manager V16 and other versions, Systemwalker Runbook Automation V15 and other versions, Systemwalker Security Control V1, and Systemwalker Software Configuration Manager V15. Interstage and Systemwalker Related products etc. TLS For operation TLS Multiple product vulnerabilities related to CVE-2019-13163 ) Exists.A man-in-the-middle attacker between the server and the client could break the encrypted communication
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202002-0484", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "triole cloud middle set b set", scope: "eq", trust: 1, vendor: "fujitsu", version: "1.0.0", }, { model: "interstage list works", scope: "eq", trust: 1, vendor: "fujitsu", version: "10.3.2", }, { model: "systemwalker desktop keeper", scope: "eq", trust: 1, vendor: "fujitsu", version: "15.1.0", }, { model: "systemwalker desktop patrol", scope: "eq", trust: 1, vendor: "fujitsu", version: "15.1.3e", }, { model: "systemwalker operation manager", scope: "eq", trust: 1, vendor: "fujitsu", version: "13.6.0", }, { model: "systemwalker operation manager", scope: "eq", trust: 1, vendor: "fujitsu", version: "13.8.0", }, { model: "systemwalker runbook automation", scope: "eq", trust: 1, vendor: "fujitsu", version: "15.0.0", }, { model: "primepower", scope: "eq", trust: 1, vendor: "fujitsu", version: null, }, { model: "primergy rx2540 m5", scope: "eq", trust: 1, vendor: "fujitsu", version: null, }, { model: "interstage application server", scope: "eq", trust: 1, vendor: "fujitsu", version: "8.0.2", }, { model: "systemwalker operation manager", scope: "eq", trust: 1, vendor: "fujitsu", version: "16.0.0a", }, { model: "systemwalker security control", scope: "eq", trust: 1, vendor: "fujitsu", version: "1.0.0", }, { model: "systemwalker desktop keeper", scope: "eq", trust: 1, vendor: "fujitsu", version: "15.1.1", }, { model: "systemwalker operation manager", scope: "eq", trust: 1, vendor: "fujitsu", version: "13.9.1", }, { model: "systemwalker desktop patrol", scope: "eq", trust: 1, vendor: "fujitsu", version: "15.2.0", }, { model: "safeauthor", scope: "eq", trust: 1, vendor: "fujitsu", version: "3.1", }, { model: "interstage list works", scope: "eq", trust: 1, vendor: "fujitsu", version: "10.2.0", }, { model: "interstage list works", scope: "eq", trust: 1, vendor: "fujitsu", version: "10.3.1", }, { model: "systemwalker desktop patrol", scope: "eq", trust: 1, vendor: "fujitsu", version: "15.0.1b", }, { model: "systemwalker runbook automation", scope: "eq", trust: 1, vendor: "fujitsu", version: "15.1.2a", }, { model: "interstage studio", scope: "eq", trust: 1, vendor: "fujitsu", version: "10.0.0", }, { model: "systemwalker security control", scope: "eq", trust: 1, vendor: "fujitsu", version: "1.0.0b", }, { model: "systemwalker operation manager", scope: "eq", trust: 1, vendor: "fujitsu", version: "13.9.0", }, { model: "interstage studio", scope: "eq", trust: 1, vendor: "fujitsu", version: "9.2.0", }, { model: "systemwalker desktop patrol", scope: "eq", trust: 1, vendor: "fujitsu", version: "15.1.3", }, { model: "interstage application server", scope: "eq", trust: 1, vendor: "fujitsu", version: "10.1.0", }, { model: "interstage list works", scope: "eq", trust: 1, vendor: "fujitsu", version: "9.0.1", }, { model: "systemwalker desktop patrol", scope: "eq", trust: 1, vendor: "fujitsu", version: "15.1.1", }, { model: "interstage application development cycle manager", scope: "eq", trust: 1, vendor: "fujitsu", version: "10.2", }, { model: "interstage application development cycle manager", scope: "eq", trust: 1, vendor: "fujitsu", version: "10.1.1", }, { model: "interstage application server", scope: "eq", trust: 1, vendor: "fujitsu", version: "9.0.0", }, { model: "systemwalker desktop patrol", scope: "eq", trust: 1, vendor: "fujitsu", version: "15.1.0e", }, { model: "interstage list works", scope: "eq", trust: 1, vendor: "fujitsu", version: "9.0.1a", }, { model: "systemwalker desktop keeper", scope: "eq", trust: 1, vendor: "fujitsu", version: "15.1.1e", }, { model: "systemwalker desktop keeper", scope: "eq", trust: 1, vendor: "fujitsu", version: "15.1.3e", }, { model: "systemwalker it change manager v14g", scope: "eq", trust: 1, vendor: "fujitsu", version: "14.0.0", }, { model: "granpower 5000", scope: "eq", trust: 1, vendor: "fujitsu", version: null, }, { model: "interstage studio", scope: "eq", trust: 1, vendor: "fujitsu", version: "9.1.0", }, { model: "systemwalker software configuration manager", scope: "eq", trust: 1, vendor: "fujitsu", version: "15.5.0", }, { model: "linkexpress", scope: "eq", trust: 1, vendor: "fujitsu", version: "5.0l21", }, { model: "interstage list works", scope: "eq", trust: 1, vendor: "fujitsu", version: "10.3.0b", }, { model: "systemwalker security control", scope: "eq", trust: 1, vendor: "fujitsu", version: "1.0.0a", }, { model: "interstage business application manager", scope: "eq", trust: 1, vendor: "fujitsu", version: "1.1", }, { model: "triole cloud middle set b set", scope: "eq", trust: 1, vendor: "fujitsu", version: "1.1.0", }, { model: "systemwalker software configuration manager express", scope: "eq", trust: 1, vendor: "fujitsu", version: "15.6.0", }, { model: "interstage studio", scope: "eq", trust: 1, vendor: "fujitsu", version: "11.1.0", }, { model: "interstage application development cycle manager", scope: "eq", trust: 1, vendor: "fujitsu", version: "10.3.2", }, { model: "serverview resource orchestrator", scope: "eq", trust: 1, vendor: "fujitsu", version: "3.3.0", }, { model: "systemwalker desktop patrol", scope: "eq", trust: 1, vendor: "fujitsu", version: "15.1.0a", }, { model: "systemwalker desktop patrol", scope: "eq", trust: 1, vendor: "fujitsu", version: "15.1.1e", }, { model: "systemwalker it change manager v14g", scope: "eq", trust: 1, vendor: "fujitsu", version: "14.0.0a", }, { model: "systemwalker runbook automation", scope: "eq", trust: 1, vendor: "fujitsu", version: "15.0.0a", }, { model: "systemwalker desktop keeper", scope: "eq", trust: 1, vendor: "fujitsu", version: "15.0.1b", }, { model: "interstage studio", scope: "eq", trust: 1, vendor: "fujitsu", version: "9.1.0b", }, { model: "sparc m12-2s", scope: "eq", trust: 1, vendor: "fujitsu", version: null, }, { model: "interstage list works", scope: "eq", trust: 1, vendor: "fujitsu", version: "10.3.0", }, { model: "interstage list works", scope: "eq", trust: 1, vendor: "fujitsu", version: "10.3.2a", }, { model: "systemwalker desktop keeper", scope: "eq", trust: 1, vendor: "fujitsu", version: "15.1.3", }, { model: "systemwalker desktop patrol", scope: "eq", trust: 1, vendor: "fujitsu", version: "15.0.1a", }, { model: "interstage job workload server", scope: "eq", trust: 1, vendor: "fujitsu", version: "8.1.1", }, { model: "gp7000f", scope: "eq", trust: 1, vendor: "fujitsu", version: null, }, { model: "systemwalker desktop keeper", scope: "eq", trust: 1, vendor: "fujitsu", version: "15.1.0e", }, { model: "systemwalker desktop patrol", scope: "eq", trust: 1, vendor: "fujitsu", version: "15.3.0", }, { model: "interstage application server", scope: "eq", trust: 1, vendor: "fujitsu", version: "10.0.0", }, { model: "interstage application server", scope: "eq", trust: 1, vendor: "fujitsu", version: "9.2.0a", }, { model: "interstage application server", scope: "eq", trust: 1, vendor: "fujitsu", version: "9.2.0", }, { model: "interstage application development cycle manager", scope: "eq", trust: 1, vendor: "fujitsu", version: "10.3", }, { model: "triole cloud middle set b set", scope: "eq", trust: 1, vendor: "fujitsu", version: "1.2.0", }, { model: "serverview resource orchestrator", scope: "eq", trust: 1, vendor: "fujitsu", version: "3.1.2", }, { model: "interstage business application manager", scope: "eq", trust: 1, vendor: "fujitsu", version: "2.0.1", }, { model: "systemwalker desktop patrol", scope: "eq", trust: 1, vendor: "fujitsu", version: "15.3.0a", }, { model: "systemwalker desktop keeper", scope: "eq", trust: 1, vendor: "fujitsu", version: "15.0.1", }, { model: "interstage studio", scope: "eq", trust: 1, vendor: "fujitsu", version: "12.0.0", }, { model: "sparc enterprise m4000", scope: "eq", trust: 1, vendor: "fujitsu", version: null, }, { model: "sparc enterprise m8000", scope: "eq", trust: 1, vendor: "fujitsu", version: null, }, { model: "serverview resource orchestrator", scope: "eq", trust: 1, vendor: "fujitsu", version: "3.1.1", }, { model: "interstage application server", scope: "eq", trust: 1, vendor: "fujitsu", version: "8.0.0", }, { model: "interstage business application manager", scope: "eq", trust: 1, vendor: "fujitsu", version: "1.0l20", }, { model: "serverview resource orchestrator", scope: "eq", trust: 1, vendor: "fujitsu", version: "3.2.0", }, { model: "systemwalker it change manager v14g", scope: "eq", trust: 1, vendor: "fujitsu", version: "14.1.0", }, { model: "interstage application server", scope: "eq", trust: 1, vendor: "fujitsu", version: "9.3.1", }, { model: "interstage application server", scope: "eq", trust: 1, vendor: "fujitsu", version: "9.1.0", }, { model: "systemwalker desktop patrol", scope: "eq", trust: 1, vendor: "fujitsu", version: "15.0.0a", }, { model: "systemwalker desktop patrol", scope: "eq", trust: 1, vendor: "fujitsu", version: "15.2.0e", }, { model: "systemwalker desktop keeper", scope: "eq", trust: 1, vendor: "fujitsu", version: "15.0.0b", }, { model: "systemwalker operation manager", scope: "eq", trust: 1, vendor: "fujitsu", version: "13.7.0a", }, { model: "systemwalker runbook automation v14g", scope: "eq", trust: 1, vendor: "fujitsu", version: "14.1.0", }, { model: "systemwalker desktop keeper", scope: "eq", trust: 1, vendor: "fujitsu", version: "15.1.2e", }, { model: "primergy tx2550 m5", scope: "eq", trust: 1, vendor: "fujitsu", version: null, }, { model: "systemwalker desktop keeper", scope: "eq", trust: 1, vendor: "fujitsu", version: "15.0.1a", }, { model: "sparc m12-2", scope: "eq", trust: 1, vendor: "fujitsu", version: null, }, { model: "sparc enterprise m5000", scope: "eq", trust: 1, vendor: "fujitsu", version: null, }, { model: "interstage application server", scope: "eq", trust: 1, vendor: "fujitsu", version: "8.0.3", }, { model: "interstage application server", scope: "eq", trust: 1, vendor: "fujitsu", version: "11.1.0", }, { model: "interstage list works", scope: "eq", trust: 1, vendor: "fujitsu", version: "10.1.0", }, { model: "serverview resource orchestrator", scope: "eq", trust: 1, vendor: "fujitsu", version: "3.0.0", }, { model: "systemwalker desktop patrol", scope: "eq", trust: 1, vendor: "fujitsu", version: "15.0.1", }, { model: "systemwalker software configuration manager express", scope: "eq", trust: 1, vendor: "fujitsu", version: "15.5.0a", }, { model: "interstage application server", scope: "eq", trust: 1, vendor: "fujitsu", version: "8.0.1", }, { model: "interstage business application manager", scope: "eq", trust: 1, vendor: "fujitsu", version: "1.0l21", }, { model: "interstage studio", scope: "eq", trust: 1, vendor: "fujitsu", version: "11.1.0a", }, { model: "interstage application server", scope: "eq", trust: 1, vendor: "fujitsu", version: "9.0.1b", }, { model: "systemwalker desktop keeper", scope: "eq", trust: 1, vendor: "fujitsu", version: "15.3.0", }, { model: "interstage application server", scope: "eq", trust: 1, vendor: "fujitsu", version: "9.0.0b", }, { model: "interstage application server", scope: "eq", trust: 1, vendor: "fujitsu", version: "9.1.0b", }, { model: "systemwalker operation manager", scope: "eq", trust: 1, vendor: "fujitsu", version: "13.6.1", }, { model: "celsius", scope: "eq", trust: 1, vendor: "fujitsu", version: null, }, { model: "interstage list works", scope: "eq", trust: 1, vendor: "fujitsu", version: "10.3.0a", }, { model: "interstage application development cycle manager", scope: "eq", trust: 1, vendor: "fujitsu", version: "10.0a", }, { model: "interstage application development cycle manager", scope: "eq", trust: 1, vendor: "fujitsu", version: "10.3.1a", }, { model: "interstage studio", scope: "eq", trust: 1, vendor: "fujitsu", version: "12.2.0", }, { model: "systemwalker runbook automation", scope: "eq", trust: 1, vendor: "fujitsu", version: "15.1.2", }, { model: "interstage application development cycle manager", scope: "eq", trust: 1, vendor: "fujitsu", version: "10.2.0", }, { model: "interstage application development cycle manager", scope: "eq", trust: 1, vendor: "fujitsu", version: "10.3.1", }, { model: "interstage list works", scope: "eq", trust: 1, vendor: "fujitsu", version: "10.3.0c", }, { model: "systemwalker operation manager", scope: "eq", trust: 1, vendor: "fujitsu", version: "16.0.1", }, { model: "interstage information integrator agent", scope: "eq", trust: 1, vendor: "fujitsu", version: "11.3.0", }, { model: "triole cloud middle set b set", scope: "eq", trust: 1, vendor: "fujitsu", version: "1.1.1", }, { model: "systemwalker desktop keeper", scope: "eq", trust: 1, vendor: "fujitsu", version: "15.2.0e", }, { model: "systemwalker operation manager", scope: "eq", trust: 1, vendor: "fujitsu", version: "13.4.1", }, { model: "systemwalker operation manager", scope: "eq", trust: 1, vendor: "fujitsu", version: "13.7.0", }, { model: "interstage web server express", scope: "eq", trust: 1, vendor: "fujitsu", version: "11.1.0", }, { model: "sparc enterprise m9000", scope: "eq", trust: 1, vendor: "fujitsu", version: null, }, { model: "interstage application development cycle manager", scope: "eq", trust: 1, vendor: "fujitsu", version: "10.1", }, { model: "interstage application server", scope: "eq", trust: 1, vendor: "fujitsu", version: "11.1.1", }, { model: "systemwalker runbook automation", scope: "eq", trust: 1, vendor: "fujitsu", version: "15.1.0", }, { model: "interstage application server", scope: "eq", trust: 1, vendor: "fujitsu", version: "11.0.0", }, { model: "interstage application server", scope: "eq", trust: 1, vendor: "fujitsu", version: "9.1.0a", }, { model: "interstage studio", scope: "eq", trust: 1, vendor: "fujitsu", version: "11.0.0", }, { model: "interstage application server", scope: "eq", trust: 1, vendor: "fujitsu", version: "12.0.0", }, { model: "systemwalker runbook automation", scope: "eq", trust: 1, vendor: "fujitsu", version: "15.1.3a", }, { model: "systemwalker software configuration manager express", scope: "eq", trust: 1, vendor: "fujitsu", version: "15.5.0", }, { model: "interstage business application manager", scope: "eq", trust: 1, vendor: "fujitsu", version: "1.0l10", }, { model: "interstage information integrator", scope: "eq", trust: 1, vendor: "fujitsu", version: "11.3.0", }, { model: "systemwalker operation manager", scope: "eq", trust: 1, vendor: "fujitsu", version: "16.0.0", }, { model: "interstage list works", scope: "eq", trust: 1, vendor: "fujitsu", version: "10.0.0", }, { model: "systemwalker software configuration manager", scope: "eq", trust: 1, vendor: "fujitsu", version: "15.6.0", }, { model: "systemwalker software configuration manager", scope: "eq", trust: 1, vendor: "fujitsu", version: "15.5.0a", }, { model: "interstage application development cycle manager", scope: "eq", trust: 1, vendor: "fujitsu", version: "10.0", }, { model: "interstage list works", scope: "eq", trust: 1, vendor: "fujitsu", version: "10.4.0", }, { model: "primergy rx4770 m5", scope: "eq", trust: 1, vendor: "fujitsu", version: null, }, { model: "systemwalker operation manager", scope: "eq", trust: 1, vendor: "fujitsu", version: "13.4.0", }, { model: "linkexpress", scope: "eq", trust: 1, vendor: "fujitsu", version: "5.0l20", }, { model: "primergy rx2530 m5", scope: "eq", trust: 1, vendor: "fujitsu", version: null, }, { model: "serverview resource orchestrator", scope: "eq", trust: 1, vendor: "fujitsu", version: "3.4.0", }, { model: "interstage application server", scope: "eq", trust: 1, vendor: "fujitsu", version: "9.0.1", }, { model: "interstage web server express", scope: "eq", trust: 1, vendor: "fujitsu", version: "11.1.1", }, { model: "safeauthor", scope: "eq", trust: 1, vendor: "fujitsu", version: "3.3", }, { model: "interstage web server express", scope: "eq", trust: 1, vendor: "fujitsu", version: "11.0.0", }, { model: "serverview resource orchestrator", scope: "eq", trust: 1, vendor: "fujitsu", version: "3.1.0", }, { model: "primequest", scope: "eq", trust: 1, vendor: "fujitsu", version: null, }, { model: "interstage application development cycle manager", scope: "eq", trust: 1, vendor: "fujitsu", version: "10.3.0", }, { model: "systemwalker desktop patrol", scope: "eq", trust: 1, vendor: "fujitsu", version: "15.1.0", }, { model: "interstage application server", scope: "eq", trust: 1, vendor: "fujitsu", version: "12.2.0", }, { model: "systemwalker operation manager", scope: "eq", trust: 1, vendor: "fujitsu", version: "13.4.0b", }, { model: "linkexpress", scope: "eq", trust: 1, vendor: "fujitsu", version: "v5.0l20", }, { model: "interstage studio", scope: "eq", trust: 1, vendor: "fujitsu", version: "10.1.0", }, { model: "interstage application server", scope: "eq", trust: 1, vendor: "fujitsu", version: "12.1.0", }, { model: "interstage business application manager", scope: "eq", trust: 1, vendor: "fujitsu", version: "2.0.0", }, { model: "interstage application server", scope: "eq", trust: 1, vendor: "fujitsu", version: "11.2.0", }, { model: "interstage studio", scope: "eq", trust: 1, vendor: "fujitsu", version: "12.1.0", }, { model: "sparc enterprise m3000", scope: "eq", trust: 1, vendor: "fujitsu", version: null, }, { model: "gps", scope: "eq", trust: 1, vendor: "fujitsu", version: null, }, { model: "safeauthor", scope: "eq", trust: 1, vendor: "fujitsu", version: "3.6l10", }, { model: "safeauthor", scope: "eq", trust: 1, vendor: "fujitsu", version: "3.4", }, { model: "sparc m12-1", scope: "eq", trust: 1, vendor: "fujitsu", version: null, }, { model: "interstage application server", scope: "eq", trust: 1, vendor: "fujitsu", version: "9.3.0", }, { model: "safeauthor", scope: "eq", trust: 1, vendor: "fujitsu", version: "3.0", }, { model: "systemwalker runbook automation v14g", scope: "eq", trust: 1, vendor: "fujitsu", version: "14.1.0a", }, { model: "systemwalker operation manager", scope: "eq", trust: 1, vendor: "fujitsu", version: "13.4.1a", }, { model: "systemwalker it change manager v14g", scope: "eq", trust: 1, vendor: "fujitsu", version: "14.1.1", }, { model: "systemwalker runbook automation", scope: "eq", trust: 1, vendor: "fujitsu", version: "15.1.3", }, { model: "systemwalker desktop keeper", scope: "eq", trust: 1, vendor: "fujitsu", version: "15.1.2", }, { model: "triole cloud middle set b set", scope: "eq", trust: 1, vendor: "fujitsu", version: "1.1.2", }, { model: "systemwalker runbook automation", scope: "eq", trust: 1, vendor: "fujitsu", version: "15.1.1", }, { model: "systemwalker operation manager", scope: "eq", trust: 1, vendor: "fujitsu", version: "13.8.0a", }, { model: "systemwalker desktop keeper", scope: "eq", trust: 1, vendor: "fujitsu", version: "15.2.0", }, { model: "systemwalker operation manager", scope: "eq", trust: 1, vendor: "fujitsu", version: "13.8.0e", }, { model: "internet navigware enterprise lms server", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "interstage application development cycle manager", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "interstage application server", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "interstage big data complex event processing server", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "interstage business application manager", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "interstage information integrator", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "interstage information integrator agent", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "interstage job workload server", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "interstage list works", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "interstage mobile application server", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "interstage studio", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "interstage web server express", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "linkexpress", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "safeauthor", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "serverview resource orchestrator", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "symfoware analytics server", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "symfoware server", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "systemwalker centric manager", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "systemwalker cloud business service management", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "systemwalker desktop keeper", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "systemwalker desktop patrol", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "systemwalker it change manager", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "systemwalker operation manager", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "systemwalker runbook automation", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "systemwalker security control", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "systemwalker software configuration manager", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "systemwalker software configuration manager express", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "triole", scope: "eq", trust: 0.8, vendor: "fujitsu", version: "クラウドミドルセット bセット", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-002248", }, { db: "NVD", id: "CVE-2019-13163", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:fujitsu:gp7000f_firmware:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:fujitsu:gp7000f:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:fujitsu:primepower_firmware:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:fujitsu:primepower:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:fujitsu:gps_firmware:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:fujitsu:gps:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:fujitsu:sparc_enterprise_m3000_firmware:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:fujitsu:sparc_enterprise_m3000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:fujitsu:sparc_enterprise_m4000_firmware:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:fujitsu:sparc_enterprise_m4000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:fujitsu:sparc_enterprise_m5000_firmware:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:fujitsu:sparc_enterprise_m5000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:fujitsu:sparc_enterprise_m8000_firmware:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:fujitsu:sparc_enterprise_m8000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:fujitsu:sparc_enterprise_m9000_firmware:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:fujitsu:sparc_enterprise_m9000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:fujitsu:sparc_m12-1_firmware:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:fujitsu:sparc_m12-1:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:fujitsu:sparc_m12-2_firmware:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:fujitsu:sparc_m12-2:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:fujitsu:sparc_m12-2s_firmware:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:fujitsu:sparc_m12-2s:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:fujitsu:primergy_rx2530_m5_firmware:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:fujitsu:primergy_rx2530_m5:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:fujitsu:primergy_rx2540_m5_firmware:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:fujitsu:primergy_rx2540_m5:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:fujitsu:primergy_rx4770_m5_firmware:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:fujitsu:primergy_rx4770_m5:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:fujitsu:primergy_tx2550_m5_firmware:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:fujitsu:primergy_tx2550_m5:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:fujitsu:granpower_5000_firmware:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:fujitsu:granpower_5000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:fujitsu:celsius_firmware:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:fujitsu:celsius:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:fujitsu:primequest_firmware:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:fujitsu:primequest:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_development_cycle_manager:10.0:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_development_cycle_manager:10.0a:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_development_cycle_manager:10.1:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_development_cycle_manager:10.1:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_development_cycle_manager:10.1.1:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_development_cycle_manager:10.1.1:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_development_cycle_manager:10.2:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_development_cycle_manager:10.2:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_development_cycle_manager:10.3:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_development_cycle_manager:10.3:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_development_cycle_manager:10.3.1:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_development_cycle_manager:10.3.1:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_development_cycle_manager:10.3.1a:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_development_cycle_manager:10.3.1a:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:8.0.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:8.0.0:*:*:*:standard-j:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:8.0.1:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:8.0.1:*:*:*:standard-j:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:8.0.3:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:8.0.3:*:*:*:standard-j:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:9.0.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:9.0.0:*:*:*:standard-j:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:9.0.0b:*:*:*:standard-j:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:9.1.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:9.1.0:*:*:*:standard-j:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:9.1.0b:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:9.1.0b:*:*:*:standard-j:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:9.2.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:9.2.0:*:*:*:standard-j:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:9.2.0a:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:9.2.0a:*:*:*:standard-j:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:9.3.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:10.0.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:10.0.0:*:*:*:standard-j:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:10.1.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:10.1.0:*:*:*:standard-j:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:11.0.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:11.0.0:*:*:*:standard-j:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:11.1.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:11.1.0:*:*:*:standard-j:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:12.0.0:*:*:*:enterprise:*:x86:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:12.0.0:*:*:*:standard-j:*:x86:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:12.1.0:*:*:*:enterprise:*:x86:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:12.1.0:*:*:*:standard-j:*:x86:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:12.2.0:*:*:*:enterprise:*:x86:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:12.2.0:*:*:*:standard-j:*:x86:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_business_application_manager:1.0l10:*:*:*:developer:.net:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_business_application_manager:1.0l10:*:*:*:enterprise:.net:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_business_application_manager:1.0l10:*:*:*:standard:.net:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_business_application_manager:1.0l20:*:*:*:developer:.net:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_business_application_manager:1.0l20:*:*:*:enterprise:.net:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_business_application_manager:1.0l20:*:*:*:standard:.net:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_business_application_manager:1.0l21:*:*:*:enterprise:.net:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_business_application_manager:1.0l21:*:*:*:standard:.net:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_business_application_manager:1.1:*:*:*:developer:.net:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_business_application_manager:1.1:*:*:*:enterprise:.net:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_business_application_manager:1.1:*:*:*:standard:.net:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_business_application_manager:2.0.0:*:*:*:developer:.net:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_business_application_manager:2.0.1:*:*:*:developer:.net:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_business_application_manager:2.0.1:*:*:*:enterprise:.net:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_business_application_manager:2.0.1:*:*:*:standard:.net:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_list_works:9.0.1:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_list_works:9.0.1:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_list_works:9.0.1a:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_list_works:9.0.1a:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_list_works:10.0.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_list_works:10.0.0:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_list_works:10.1.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_list_works:10.1.0:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_list_works:10.2.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_list_works:10.2.0:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_list_works:10.3.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_list_works:10.3.0:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_list_works:10.3.0a:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_list_works:10.3.0a:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_list_works:10.3.0b:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_list_works:10.3.0b:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_list_works:10.3.0c:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_list_works:10.3.0c:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_list_works:10.3.1:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_list_works:10.3.1:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_list_works:10.3.2:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_list_works:10.3.2:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_list_works:10.3.2a:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_list_works:10.3.2a:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_studio:9.1.0:*:*:*:standard-j:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_studio:9.1.0b:*:*:*:standard-j:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_studio:9.2.0:*:*:*:standard-j:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_studio:10.0.0:*:*:*:standard-j:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_studio:10.1.0:*:*:*:standard-j:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_studio:11.0.0:*:*:*:standard-j:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_studio:11.1.0:*:*:*:standard-j:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_studio:11.1.0a:*:*:*:standard-j:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_studio:12.0.0:*:*:*:standard-j:*:x86:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_studio:12.1.0:*:*:*:standard-j:*:x86:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_studio:12.2.0:*:*:*:standard-j:*:x86:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_web_server_express:11.0.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_web_server_express:11.1.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:linkexpress:v5.0l20:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:serverview_resource_orchestrator:3.0.0:*:*:*:cloud:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:serverview_resource_orchestrator:3.1.0:*:*:*:cloud:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:serverview_resource_orchestrator:3.1.1:*:*:*:cloud:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:serverview_resource_orchestrator:3.1.2:*:*:*:cloud:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:serverview_resource_orchestrator:3.2.0:*:*:*:cloud:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:serverview_resource_orchestrator:3.3.0:*:*:*:cloud:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:serverview_resource_orchestrator:3.4.0:*:*:*:cloud:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_keeper:15.0.0b:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_keeper:15.0.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_keeper:15.0.1a:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_keeper:15.0.1b:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_keeper:15.1.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_keeper:15.1.0e:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_keeper:15.1.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_keeper:15.1.1e:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_keeper:15.1.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_keeper:15.1.2e:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_keeper:15.1.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_keeper:15.1.3e:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_keeper:15.2.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_keeper:15.2.0e:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_keeper:15.3.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_patrol:15.0.0a:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_patrol:15.0.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_patrol:15.0.1a:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_patrol:15.0.1b:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_patrol:15.1.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_patrol:15.1.0a:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_patrol:15.1.0e:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_patrol:15.1.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_patrol:15.1.1e:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_patrol:15.1.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_patrol:15.1.3e:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_patrol:15.2.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_patrol:15.2.0e:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_patrol:15.3.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_patrol:15.3.0a:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_it_change_manager_v14g:14.0.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_it_change_manager_v14g:14.0.0:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_it_change_manager_v14g:14.0.0a:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_it_change_manager_v14g:14.0.0a:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_it_change_manager_v14g:14.1.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_it_change_manager_v14g:14.1.0:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_it_change_manager_v14g:14.1.1:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_it_change_manager_v14g:14.1.1:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.4.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.4.0:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.4.0b:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.4.0b:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.6.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.6.0:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.6.1:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.6.1:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.7.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.7.0:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.8.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.8.0:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.8.0e:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.8.0e:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:16.0.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:16.0.0:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_runbook_automation:15.0.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_runbook_automation:15.0.0a:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_runbook_automation:15.1.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_runbook_automation:15.1.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_runbook_automation:15.1.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_runbook_automation:15.1.2a:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_runbook_automation:15.1.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_runbook_automation:15.1.3a:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_runbook_automation_v14g:14.1.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_runbook_automation_v14g:14.1.0a:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_software_configuration_manager:15.5.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_software_configuration_manager_express:15.5.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:triole_cloud_middle_set_b_set:1.0.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:triole_cloud_middle_set_b_set:1.1.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:triole_cloud_middle_set_b_set:1.1.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:triole_cloud_middle_set_b_set:1.1.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:triole_cloud_middle_set_b_set:1.2.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:microsoft:windows_server_2008:-:-:*:*:datacenter:*:x86:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_server_2008:-:-:*:*:datacenter_without_hyper-v:*:x86:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_server_2008:-:-:*:*:enterprise:*:x86:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_server_2008:-:-:*:*:enterprise_without_hyper-v:*:x86:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_server_2008:-:-:*:*:foundation:*:x86:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_server_2008:-:-:*:*:standard:*:x86:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_server_2008:-:-:*:*:standard_without_hyper-v:*:x86:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_server_2008:r2:-:*:*:datacenter:*:x86:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_server_2008:r2:-:*:*:enterprise:*:x86:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_server_2008:r2:-:*:*:foundation:*:x86:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_server_2008:r2:-:*:*:standard:*:x86:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:datacenter:*:x86:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:foundation:*:x86:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:standard:*:x86:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:datacenter:*:x64:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:foundation:*:x64:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:standard:*:x64:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:datacenter:*:x86:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:standard:*:x86:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:datacenter:*:x86:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:standard:*:x86:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_small_business_server_2011:-:*:*:*:essentials:*:x86:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:9.2.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:9.2.0:*:*:*:standard-j:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:9.3.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:10.0.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:10.0.0:*:*:*:standard-j:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:11.0.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:11.0.0:*:*:*:standard-j:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:11.1.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:11.1.0:*:*:*:standard-j:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:12.0.0:*:*:*:enterprise:*:x64:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:12.0.0:*:*:*:standard-j:*:x64:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:12.1.0:*:*:*:enterprise:*:x64:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:12.1.0:*:*:*:standard-j:*:x64:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:12.2.0:*:*:*:enterprise:*:x64:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:12.2.0:*:*:*:standard-j:*:x64:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_information_integrator:11.3.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_information_integrator:11.3.0:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_information_integrator_agent:11.3.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_list_works:10.1.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_list_works:10.1.0:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_list_works:10.2.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_list_works:10.2.0:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_list_works:10.3.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_list_works:10.3.0:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_list_works:10.3.0a:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_list_works:10.3.0a:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_list_works:10.3.0b:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_list_works:10.3.0b:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_list_works:10.3.0c:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_list_works:10.3.0c:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_list_works:10.3.1:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_list_works:10.3.1:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_list_works:10.3.2:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_list_works:10.3.2:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_list_works:10.3.2a:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_list_works:10.3.2a:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_keeper:15.0.0b:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_keeper:15.0.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_keeper:15.0.1a:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_keeper:15.0.1b:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_keeper:15.1.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_keeper:15.1.0e:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_keeper:15.1.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_keeper:15.1.1e:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_keeper:15.1.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_keeper:15.1.2e:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_keeper:15.1.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_keeper:15.1.3e:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_keeper:15.2.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_keeper:15.2.0e:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_keeper:15.3.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_patrol:15.0.0a:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_patrol:15.0.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_patrol:15.0.1a:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_patrol:15.0.1b:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_patrol:15.1.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_patrol:15.1.0a:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_patrol:15.1.0e:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_patrol:15.1.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_patrol:15.1.1e:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_patrol:15.1.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_patrol:15.1.3e:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_patrol:15.2.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_patrol:15.2.0e:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_patrol:15.3.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_desktop_patrol:15.3.0a:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_it_change_manager_v14g:14.1.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_it_change_manager_v14g:14.1.0:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_it_change_manager_v14g:14.1.1:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_it_change_manager_v14g:14.1.1:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.4.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.4.0:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.4.0b:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.4.0b:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.6.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.6.0:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.6.1:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.6.1:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.7.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.7.0:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.8.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.8.0:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.8.0e:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.8.0e:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:16.0.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:16.0.0:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_security_control:1.0.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_security_control:1.0.0a:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_security_control:1.0.0b:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_software_configuration_manager:15.6.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_software_configuration_manager_express:15.6.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:microsoft:windows_server_2008:-:-:*:*:datacenter:*:x64:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_server_2008:-:-:*:*:datacenter_without_hyper-v:*:x64:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_server_2008:-:-:*:*:enterprise:*:x64:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_server_2008:-:-:*:*:enterprise_without_hyper-v:*:x64:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_server_2008:-:-:*:*:foundation:*:x64:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_server_2008:-:-:*:*:standard:*:x64:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_server_2008:-:-:*:*:standard_without_hyper-v:*:x64:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_server_2008:r2:-:*:*:datacenter:*:x64:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_server_2008:r2:-:*:*:enterprise:*:x64:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_server_2008:r2:-:*:*:foundation:*:x64:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_server_2008:r2:-:*:*:standard:*:x64:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:datacenter:*:x64:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:foundation:*:x64:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:standard:*:x64:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:datacenter:*:x64:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:foundation:*:x64:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:standard:*:x64:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:datacenter:*:x64:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:standard:*:x64:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:datacenter:*:x64:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:standard:*:x64:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows_small_business_server_2011:-:*:*:*:essentials:*:x64:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_development_cycle_manager:10.2.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_development_cycle_manager:10.3.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_development_cycle_manager:10.3.0:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_development_cycle_manager:10.3.1:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_development_cycle_manager:10.3.1:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_development_cycle_manager:10.3.2:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:9.0.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:9.0.0:*:*:*:standard-j:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:9.0.0b:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:9.0.0b:*:*:*:standard-j:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:9.0.1:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:9.0.1:*:*:*:standard-j:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:9.0.1b:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:9.0.1b:*:*:*:standard-j:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:9.1.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:9.1.0:*:*:*:standard-j:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:9.1.0b:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:9.1.0b:*:*:*:standard-j:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:9.2.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:9.2.0:*:*:*:enterprise:*:x64:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:9.2.0:*:*:*:standard-j:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:9.2.0:*:*:*:standard-j:*:x64:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:9.3.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:9.3.0:*:*:*:enterprise:*:x64:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:9.3.0:*:*:*:standard-j:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:9.3.0:*:*:*:standard-j:*:x64:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:9.3.1:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:9.3.1:*:*:*:enterprise:*:x64:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:9.3.1:*:*:*:standard-j:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:9.3.1:*:*:*:standard-j:*:x64:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:10.0.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:10.0.0:*:*:*:enterprise:*:x64:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:10.0.0:*:*:*:standard-j:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:10.0.0:*:*:*:standard-j:*:x64:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:11.0.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:11.0.0:*:*:*:enterprise:*:x64:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:11.0.0:*:*:*:standard-j:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:11.0.0:*:*:*:standard-j:*:x64:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:11.1.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:11.1.0:*:*:*:enterprise:*:x64:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:11.1.0:*:*:*:standard-j:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:11.1.0:*:*:*:standard-j:*:x64:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:11.1.1:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:11.1.1:*:*:*:enterprise:*:x64:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:11.1.1:*:*:*:standard-j:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:11.1.1:*:*:*:standard-j:*:x64:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:11.2.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:11.2.0:*:*:*:enterprise:*:x64:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:11.2.0:*:*:*:standard-j:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:11.2.0:*:*:*:standard-j:*:x64:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:12.0.0:*:*:*:enterprise:*:x64:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:12.0.0:*:*:*:enterprise:*:x86:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:12.0.0:*:*:*:standard-j:*:x64:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:12.0.0:*:*:*:standard-j:*:x86:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:12.1.0:*:*:*:enterprise:*:x64:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:12.1.0:*:*:*:enterprise:*:x86:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:12.1.0:*:*:*:standard-j:*:x64:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:12.1.0:*:*:*:standard-j:*:x86:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:12.2.0:*:*:*:enterprise:*:x64:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:12.2.0:*:*:*:enterprise:*:x86:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:12.2.0:*:*:*:standard-j:*:x64:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:12.2.0:*:*:*:standard-j:*:x86:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_information_integrator:11.3.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_information_integrator:11.3.0:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_information_integrator_agent:11.3.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_list_works:10.4.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_web_server_express:11.0.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_web_server_express:11.1.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_web_server_express:11.1.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:linkexpress:5.0l20:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:linkexpress:5.0l21:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:safeauthor:3.6l10:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:serverview_resource_orchestrator:3.0.0:*:*:*:cloud:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:serverview_resource_orchestrator:3.1.0:*:*:*:cloud:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:serverview_resource_orchestrator:3.1.1:*:*:*:cloud:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:serverview_resource_orchestrator:3.1.2:*:*:*:cloud:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:serverview_resource_orchestrator:3.2.0:*:*:*:cloud:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:serverview_resource_orchestrator:3.4.0:*:*:*:cloud:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_it_change_manager_v14g:14.0.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_it_change_manager_v14g:14.0.0:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_it_change_manager_v14g:14.1.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_it_change_manager_v14g:14.1.0:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.4.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.4.0:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.4.0b:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.4.0b:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.4.1:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.4.1:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.4.1a:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.4.1a:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.6.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.6.0:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.6.1:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.6.1:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.7.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.7.0:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.8.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.8.0:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.8.0e:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.8.0e:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.9.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.9.0:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.9.1:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.9.1:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:16.0.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:16.0.0:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:16.0.0a:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:16.0.0a:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_runbook_automation:15.0.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_runbook_automation:15.1.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_runbook_automation:15.1.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_runbook_automation:15.1.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_runbook_automation:15.1.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_runbook_automation_v14g:14.1.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_software_configuration_manager:15.5.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_software_configuration_manager:15.5.0a:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_software_configuration_manager_express:15.5.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_software_configuration_manager_express:15.5.0a:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:triole_cloud_middle_set_b_set:1.0.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:triole_cloud_middle_set_b_set:1.1.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:triole_cloud_middle_set_b_set:1.1.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:triole_cloud_middle_set_b_set:1.1.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:triole_cloud_middle_set_b_set:1.2.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:intel64:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:x86:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:intel64:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:x86:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:intel64:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:x86:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_development_cycle_manager:10.3.0:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_development_cycle_manager:10.3.1:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:8.0.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:8.0.0:*:*:*:standard-j:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:8.0.2:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:8.0.2:*:*:*:standard-j:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:8.0.3:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:8.0.3:*:*:*:standard-j:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:9.0.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:9.0.0:*:*:*:standard-j:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:9.0.0b:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:9.1.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:9.1.0:*:*:*:standard-j:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:9.1.0a:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:9.1.0a:*:*:*:standard-j:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:9.1.0b:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:9.1.0b:*:*:*:standard-j:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:9.2.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:9.2.0:*:*:*:standard-j:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:9.2.0a:*:*:*:standard-j:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:9.3.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:10.0.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:10.0.0:*:*:*:standard-j:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:10.1.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:10.1.0:*:*:*:standard-j:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:11.0.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:11.0.0:*:*:*:standard-j:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:11.1.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:11.1.0:*:*:*:enterprise:*:x64:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:11.1.0:*:*:*:standard-j:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:11.1.0:*:*:*:standard-j:*:x64:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:12.0.0:*:*:*:enterprise:*:x64:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:12.0.0:*:*:*:standard-j:*:x64:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:12.1.0:*:*:*:enterprise:*:x64:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_application_server:12.1.0:*:*:*:standard-j:*:x64:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_information_integrator:11.3.0:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_information_integrator_agent:11.3.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_job_workload_server:8.1.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_list_works:10.1.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_list_works:10.1.0:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_web_server_express:11.0.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:interstage_web_server_express:11.1.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:linkexpress:5.0l20:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:safeauthor:3.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:safeauthor:3.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:safeauthor:3.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:safeauthor:3.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_it_change_manager_v14g:14.0.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_it_change_manager_v14g:14.0.0:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_it_change_manager_v14g:14.1.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_it_change_manager_v14g:14.1.0:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_it_change_manager_v14g:14.1.1:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_it_change_manager_v14g:14.1.1:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.4.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.4.0:*:*:*:global_enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.4.0:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.4.1:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.4.1:*:*:*:global_enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.4.1:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.6.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.6.0:*:*:*:global_enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.6.0:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.6.1:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.6.1:*:*:*:global_enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.6.1:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.7.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.7.0:*:*:*:global_enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.7.0:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.7.0a:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.7.0a:*:*:*:global_enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.7.0a:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.8.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.8.0:*:*:*:enterprise:*:x64:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.8.0:*:*:*:global_enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.8.0:*:*:*:global_enterprise:*:x64:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.8.0:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.8.0:*:*:*:standard:*:x64:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.8.0a:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.8.0a:*:*:*:enterprise:*:x64:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.8.0a:*:*:*:global_enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.8.0a:*:*:*:global_enterprise:*:x64:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.8.0a:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.8.0a:*:*:*:standard:*:x64:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.8.0e:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.8.0e:*:*:*:enterprise:*:x64:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.8.0e:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:13.8.0e:*:*:*:standard:*:x64:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:16.0.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:16.0.0:*:*:*:enterprise:*:x64:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:16.0.0:*:*:*:global_enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:16.0.0:*:*:*:global_enterprise:*:x64:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:16.0.0:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:16.0.0:*:*:*:standard:*:x64:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:16.0.1:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:16.0.1:*:*:*:global_enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fujitsu:systemwalker_operation_manager:16.0.1:*:*:*:standard:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:oracle:solaris:9:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2019-13163", }, ], }, cve: "CVE-2019-13163", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", exploitabilityScore: 8.6, impactScore: 2.9, integrityImpact: "NONE", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Medium", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "None", baseScore: 4.3, confidentialityImpact: "Partial", exploitabilityScore: null, id: "JVNDB-2020-002248", impactScore: null, integrityImpact: "None", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Medium", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, { acInsufInfo: null, accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "VULMON", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", exploitabilityScore: 8.6, id: "CVE-2019-13163", impactScore: 2.9, integrityImpact: "NONE", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "MEDIUM", trust: 0.1, userInteractionRequired: null, vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, ], cvssV3: [ { attackComplexity: "HIGH", attackVector: "NETWORK", author: "NVD", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", exploitabilityScore: 2.2, impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, { attackComplexity: "High", attackVector: "Network", author: "NVD", availabilityImpact: "None", baseScore: 5.9, baseSeverity: "Medium", confidentialityImpact: "High", exploitabilityScore: null, id: "JVNDB-2020-002248", impactScore: null, integrityImpact: "None", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, ], severity: [ { author: "NVD", id: "CVE-2019-13163", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "JVNDB-2020-002248", trust: 0.8, value: "Medium", }, { author: "CNNVD", id: "CNNVD-202002-237", trust: 0.6, value: "MEDIUM", }, { author: "VULMON", id: "CVE-2019-13163", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "VULMON", id: "CVE-2019-13163", }, { db: "JVNDB", id: "JVNDB-2020-002248", }, { db: "NVD", id: "CVE-2019-13163", }, { db: "CNNVD", id: "CNNVD-202002-237", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "The Fujitsu TLS library allows a man-in-the-middle attack. This affects Interstage Application Development Cycle Manager V10 and other versions, Interstage Application Server V12 and other versions, Interstage Business Application Manager V2 and other versions, Interstage Information Integrator V11 and other versions, Interstage Job Workload Server V8, Interstage List Works V10 and other versions, Interstage Studio V12 and other versions, Interstage Web Server Express V11, Linkexpress V5, Safeauthor V3, ServerView Resource Orchestrator V3, Systemwalker Cloud Business Service Management V1, Systemwalker Desktop Keeper V15, Systemwalker Desktop Patrol V15, Systemwalker IT Change Manager V14, Systemwalker Operation Manager V16 and other versions, Systemwalker Runbook Automation V15 and other versions, Systemwalker Security Control V1, and Systemwalker Software Configuration Manager V15. Interstage and Systemwalker Related products etc. TLS For operation TLS Multiple product vulnerabilities related to CVE-2019-13163 ) Exists.A man-in-the-middle attacker between the server and the client could break the encrypted communication", sources: [ { db: "NVD", id: "CVE-2019-13163", }, { db: "JVNDB", id: "JVNDB-2020-002248", }, { db: "VULMON", id: "CVE-2019-13163", }, ], trust: 1.71, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2019-13163", trust: 2.5, }, { db: "JVNDB", id: "JVNDB-2020-002248", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-202002-237", trust: 0.6, }, { db: "VULMON", id: "CVE-2019-13163", trust: 0.1, }, ], sources: [ { db: "VULMON", id: "CVE-2019-13163", }, { db: "JVNDB", id: "JVNDB-2020-002248", }, { db: "NVD", id: "CVE-2019-13163", }, { db: "CNNVD", id: "CNNVD-202002-237", }, ], }, id: "VAR-202002-0484", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.26205936, }, last_update_date: "2023-12-18T13:01:54.242000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "InterstageやSystemwalker関連製品: TLSに関する複数製品の脆弱性(CVE-2019-13163)(2020年3月12日)", trust: 0.8, url: "https://www.fujitsu.com/jp/products/software/resources/condition/security/products-fujitsu/solution/interstage-systemwalker-tls-202001.html", }, { title: "Multiple Fujitsu Product encryption problem vulnerabilities", trust: 0.6, url: "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=111554", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-002248", }, { db: "CNNVD", id: "CNNVD-202002-237", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-326", trust: 1.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-002248", }, { db: "NVD", id: "CVE-2019-13163", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.7, url: "https://www.fujitsu.com/jp/products/software/resources/condition/security/products-fujitsu/solution/interstage-systemwalker-tls-202001.html", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2019-13163", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-13163", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/326.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "VULMON", id: "CVE-2019-13163", }, { db: "JVNDB", id: "JVNDB-2020-002248", }, { db: "NVD", id: "CVE-2019-13163", }, { db: "CNNVD", id: "CNNVD-202002-237", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULMON", id: "CVE-2019-13163", }, { db: "JVNDB", id: "JVNDB-2020-002248", }, { db: "NVD", id: "CVE-2019-13163", }, { db: "CNNVD", id: "CNNVD-202002-237", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-02-07T00:00:00", db: "VULMON", id: "CVE-2019-13163", }, { date: "2020-03-09T00:00:00", db: "JVNDB", id: "JVNDB-2020-002248", }, { date: "2020-02-07T23:15:09.933000", db: "NVD", id: "CVE-2019-13163", }, { date: "2020-02-07T00:00:00", db: "CNNVD", id: "CNNVD-202002-237", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-02-27T00:00:00", db: "VULMON", id: "CVE-2019-13163", }, { date: "2020-03-13T00:00:00", db: "JVNDB", id: "JVNDB-2020-002248", }, { date: "2020-02-27T16:10:40.027000", db: "NVD", id: "CVE-2019-13163", }, { date: "2023-05-17T00:00:00", db: "CNNVD", id: "CNNVD-202002-237", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202002-237", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Interstage and Systemwalker Related product : TLS Vulnerabilities of multiple products in", sources: [ { db: "JVNDB", id: "JVNDB-2020-002248", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "encryption problem", sources: [ { db: "CNNVD", id: "CNNVD-202002-237", }, ], trust: 0.6, }, }
var-201404-0287
Vulnerability from variot
CookieInterceptor in Apache Struts before 2.3.20, when a wildcard cookiesName value is used, does not properly restrict access to the getClass method, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via a crafted request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-0094. This vulnerability CVE-2014-0094 Vulnerability due to insufficient fix for.Through a crafted request by a third party, ClassLoader The " operation (manipulate)" And any code could be executed. Apache Struts is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Apache Struts versions 2.0.0 through 2.3.16.1 are vulnerable
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201404-0287", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "struts", scope: "lt", trust: 1.8, vendor: "apache", version: "2.3.16.2", }, { model: "connections", scope: "eq", trust: 1.1, vendor: "ibm", version: "5.0", }, { model: "connections", scope: "eq", trust: 1.1, vendor: "ibm", version: "4.5", }, { model: "connections", scope: "eq", trust: 1.1, vendor: "ibm", version: "4.0", }, { model: "struts", scope: "gte", trust: 1, vendor: "apache", version: "2.0.0", }, { model: "struts", scope: "eq", trust: 0.9, vendor: "apache", version: "2.3.4", }, { model: "struts", scope: "eq", trust: 0.9, vendor: "apache", version: "2.3.8", }, { model: "struts", scope: "eq", trust: 0.9, vendor: "apache", version: "2.3.7", }, { model: "struts", scope: "eq", trust: 0.9, vendor: "apache", version: "2.3.16.1", }, { model: "struts", scope: "eq", trust: 0.9, vendor: "apache", version: "2.3.16", }, { model: "struts", scope: "eq", trust: 0.9, vendor: "apache", version: "2.3.15.3", }, { model: "struts", scope: "eq", trust: 0.9, vendor: "apache", version: "2.3.15.2", }, { model: "struts", scope: "eq", trust: 0.9, vendor: "apache", version: "2.3.15.1", }, { model: "connections", scope: "lte", trust: 0.8, vendor: "ibm", version: "3.0.1.1", }, { model: "mysql", scope: "lte", trust: 0.8, vendor: "oracle", version: "enterprise monitor 2.3.16", }, { model: "mysql", scope: "lte", trust: 0.8, vendor: "oracle", version: "enterprise monitor 3.0.10", }, { model: "esmpro/servermanager", scope: "lte", trust: 0.8, vendor: "nec", version: "ver5.75", }, { model: "infocage", scope: "eq", trust: 0.8, vendor: "nec", version: "pc security", }, { model: "infocage", scope: "eq", trust: 0.8, vendor: "nec", version: "security risk management v1.0.0 to v2.1.3", }, { model: "webotx", scope: "eq", trust: 0.8, vendor: "nec", version: "enterprise edition v5.1 to v5.2", }, { model: "webotx", scope: "eq", trust: 0.8, vendor: "nec", version: "enterprise edition v6.1 to v6.5", }, { model: "webotx", scope: "eq", trust: 0.8, vendor: "nec", version: "rfid manager enterprise v7.1", }, { model: "webotx", scope: "eq", trust: 0.8, vendor: "nec", version: "rfid manager lite v2.0", }, { model: "webotx", scope: "eq", trust: 0.8, vendor: "nec", version: "rfid manager standard v2.0", }, { model: "webotx", scope: "eq", trust: 0.8, vendor: "nec", version: "standard edition v5.1 to v5.2", }, { model: "webotx", scope: "eq", trust: 0.8, vendor: "nec", version: "standard edition v6.1 to v6.5", }, { model: "webotx", scope: "eq", trust: 0.8, vendor: "nec", version: "standard-j edition v5.1 to v5.2", }, { model: "webotx", scope: "eq", trust: 0.8, vendor: "nec", version: "standard-j edition v6.1 to v6.5", }, { model: "webotx", scope: "eq", trust: 0.8, vendor: "nec", version: "web edition v5.1 to v5.2", }, { model: "webotx", scope: "eq", trust: 0.8, vendor: "nec", version: "web edition v6.1 to v6.5", }, { model: "webotx application server", scope: "eq", trust: 0.8, vendor: "nec", version: "v7.1", }, { model: "webotx developer", scope: "eq", trust: 0.8, vendor: "nec", version: "\"v8.2 to v8.4 (with developers studio only )\"", }, { model: "webotx developer", scope: "eq", trust: 0.8, vendor: "nec", version: "\"v9.1 to v9.2 (with developers studio only )\"", }, { model: "webotx portal", scope: "eq", trust: 0.8, vendor: "nec", version: "v8.3 to v8.4", }, { model: "webotx portal", scope: "eq", trust: 0.8, vendor: "nec", version: "v9.1", }, { model: "integrated system ha database ready", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "interstage", scope: "eq", trust: 0.8, vendor: "fujitsu", version: "business analytics modeling server", }, { model: "interstage", scope: "eq", trust: 0.8, vendor: "fujitsu", version: "business process manager analytics", }, { model: "interstage", scope: "eq", trust: 0.8, vendor: "fujitsu", version: "extreme transaction processing server", }, { model: "interstage", scope: "eq", trust: 0.8, vendor: "fujitsu", version: "mobile manager", }, { model: "interstage application development cycle manager", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "interstage application framework suite", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "interstage application server", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "interstage apworks", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "interstage business application server", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "interstage job workload server", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "interstage service integrator", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "interstage studio", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "serverview", scope: "eq", trust: 0.8, vendor: "fujitsu", version: "resource orchestrator", }, { model: "symfoware", scope: "eq", trust: 0.8, vendor: "fujitsu", version: "analytics server", }, { model: "symfoware", scope: "eq", trust: 0.8, vendor: "fujitsu", version: "server", }, { model: "systemwalker service catalog manager", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "systemwalker service quality coordinator", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "systemwalker software configuration manager", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "triole", scope: "eq", trust: 0.8, vendor: "fujitsu", version: "cloud middle set b set", }, { model: "cloud infrastructure management software", scope: null, trust: 0.8, vendor: "fujitsu", version: null, }, { model: "struts", scope: "eq", trust: 0.6, vendor: "apache", version: "2.3.4.1", }, { model: "struts", scope: "eq", trust: 0.6, vendor: "apache", version: "2.3.3", }, { model: "keybox", scope: "eq", trust: 0.3, vendor: "skavanagh", version: "2.10.02", }, { model: "ec2box", scope: "eq", trust: 0.3, vendor: "skavanagh", version: "0.11.01", }, { model: "mysql enterprise monitor", scope: "eq", trust: 0.3, vendor: "oracle", version: "3.0.10", }, { model: "mysql enterprise monitor", scope: "eq", trust: 0.3, vendor: "oracle", version: "2.3.16", }, { model: "mysql enterprise monitor", scope: "eq", trust: 0.3, vendor: "oracle", version: "2.3.15", }, { model: "mysql enterprise monitor", scope: "eq", trust: 0.3, vendor: "oracle", version: "2.3.14", }, { model: "mysql enterprise monitor", scope: "eq", trust: 0.3, vendor: "oracle", version: "2.3.13", }, { model: "mysql enterprise monitor", scope: "eq", trust: 0.3, vendor: "oracle", version: "3.0", }, { model: "mysql enterprise monitor", scope: "eq", trust: 0.3, vendor: "oracle", version: "2.3", }, { model: "sterling web channel", scope: "eq", trust: 0.3, vendor: "ibm", version: "9.1", }, { model: "sterling web channel", scope: "eq", trust: 0.3, vendor: "ibm", version: "9.0", }, { model: "sterling selling and fulfillment foundation", scope: "eq", trust: 0.3, vendor: "ibm", version: "9.2.1", }, { model: "sterling selling and fulfillment foundation", scope: "eq", trust: 0.3, vendor: "ibm", version: "9.2", }, { model: "sterling selling and fulfillment foundation", scope: "eq", trust: 0.3, vendor: "ibm", version: "9.1", }, { model: "sterling selling and fulfillment foundation", scope: "eq", trust: 0.3, vendor: "ibm", version: "9.0", }, { model: "sterling order management", scope: "eq", trust: 0.3, vendor: "ibm", version: "8.5", }, { model: "sterling field sales", scope: "eq", trust: 0.3, vendor: "ibm", version: "9.2.1", }, { model: "sterling field sales", scope: "eq", trust: 0.3, vendor: "ibm", version: "9.2.0", }, { model: "sterling field sales", scope: "eq", trust: 0.3, vendor: "ibm", version: "9.1.0", }, { model: "sterling field sales", scope: "eq", trust: 0.3, vendor: "ibm", version: "9.0", }, { model: "platform symphony", scope: "eq", trust: 0.3, vendor: "ibm", version: "6.1.1", }, { model: "platform symphony", scope: "eq", trust: 0.3, vendor: "ibm", version: "6.1", }, { model: "platform symphony", scope: "eq", trust: 0.3, vendor: "ibm", version: "5.2", }, { model: "platform hpc", scope: "eq", trust: 0.3, vendor: "ibm", version: "4.1.1", }, { model: "platform hpc", scope: "eq", trust: 0.3, vendor: "ibm", version: "4.1", }, { model: "platform hpc", scope: "eq", trust: 0.3, vendor: "ibm", version: "3.2", }, { model: "platform cluster manager", scope: "eq", trust: 0.3, vendor: "ibm", version: "4.1.1", }, { model: "platform cluster manager", scope: "eq", trust: 0.3, vendor: "ibm", version: "4.1", }, { model: "platform cluster manager", scope: "eq", trust: 0.3, vendor: "ibm", version: "3.2", }, { model: "platform application center", scope: "eq", trust: 0.3, vendor: "ibm", version: "9.1.2", }, { model: "platform application center", scope: "eq", trust: 0.3, vendor: "ibm", version: "9.1.1", }, { model: "platform application center", scope: "eq", trust: 0.3, vendor: "ibm", version: "9.1", }, { model: "platform application center", scope: "eq", trust: 0.3, vendor: "ibm", version: "8.3", }, { model: "connections", scope: "eq", trust: 0.3, vendor: "ibm", version: "3.00", }, { model: "connections", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.0.10", }, { model: "connections", scope: "eq", trust: 0.3, vendor: "ibm", version: "3.0.1.1", }, { model: "connections", scope: "eq", trust: 0.3, vendor: "ibm", version: "3.0.1.0", }, { model: "connections", scope: "eq", trust: 0.3, vendor: "ibm", version: "3.0.1", }, { model: "connections", scope: "eq", trust: 0.3, vendor: "ibm", version: "3.0", }, { model: "connections", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.5.0.3", }, { model: "connections", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.5.0.2", }, { model: "connections", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.5.0.1", }, { model: "connections", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.5.0.0", }, { model: "connections", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.0.1.1", }, { model: "connections", scope: "eq", trust: 0.3, vendor: "ibm", version: "2.0.0.0", }, { model: "clearpass", scope: "eq", trust: 0.3, vendor: "arubanetworks", version: "6.0.2", }, { model: "clearpass", scope: "eq", trust: 0.3, vendor: "arubanetworks", version: "6.0.1", }, { model: "clearpass", scope: "eq", trust: 0.3, vendor: "arubanetworks", version: "6.3.0", }, { model: "clearpass", scope: "eq", trust: 0.3, vendor: "arubanetworks", version: "6.2.0", }, { model: "clearpass", scope: "eq", trust: 0.3, vendor: "arubanetworks", version: "6.1.3", }, { model: "clearpass", scope: "eq", trust: 0.3, vendor: "arubanetworks", version: "6.1.0", }, { model: "clearpass", scope: "eq", trust: 0.3, vendor: "arubanetworks", version: "5.0", }, { model: "struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.3.41", }, { model: "struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.2.3", }, { model: "struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.2", }, { model: "struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.1.8", }, { model: "struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.1.6", }, { model: "struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.1.5", }, { model: "struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.1.2", }, { model: "struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.1.1", }, { model: "struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.1", }, { model: "struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.14", }, { model: "struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.12", }, { model: "struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.11", }, { model: "struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.10", }, { model: "struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.9", }, { model: "struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.8", }, { model: "struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.7", }, { model: "struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.6", }, { model: "struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.5", }, { model: "struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.4", }, { model: "struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.3", }, { model: "struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.2", }, { model: "struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.1", }, { model: "struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0", }, { model: "struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.3.15", }, { model: "struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.3.14.3", }, { model: "struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.3.14.2", }, { model: "struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.3.14.1", }, { model: "struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.3.14", }, { model: "struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.3.1.2", }, { model: "struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.3.1.1", }, { model: "struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.3.1", }, { model: "struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.2.3.1", }, { model: "struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.1.4", }, { model: "struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.1.3", }, { model: "struts", scope: "eq", trust: 0.3, vendor: "apache", version: "2.0.13", }, { model: "keybox", scope: "ne", trust: 0.3, vendor: "skavanagh", version: "2.10.03", }, { model: "ec2box", scope: "ne", trust: 0.3, vendor: "skavanagh", version: "0.11.02", }, { model: "clearpass", scope: "ne", trust: 0.3, vendor: "arubanetworks", version: "6.3.2", }, { model: "clearpass", scope: "ne", trust: 0.3, vendor: "arubanetworks", version: "6.2.6", }, { model: "clearpass", scope: "ne", trust: 0.3, vendor: "arubanetworks", version: "6.1.4", }, { model: "struts", scope: "ne", trust: 0.3, vendor: "apache", version: "2.3.16.2", }, ], sources: [ { db: "BID", id: "67081", }, { db: "JVNDB", id: "JVNDB-2014-002269", }, { db: "NVD", id: "CVE-2014-0113", }, { db: "CNNVD", id: "CNNVD-201404-570", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.16.2", versionStartIncluding: "2.0.0", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2014-0113", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Taki Uchiyama, Takeshi Terada, Takayoshi Isayama, Yoshiyuki Karezaki, BAKA/ty, \nShine, NSFOCUS Security Team and heige.", sources: [ { db: "BID", id: "67081", }, ], trust: 0.3, }, cve: "CVE-2014-0113", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, impactScore: 6.4, integrityImpact: "PARTIAL", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "HIGH", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "Partial", baseScore: 7.5, confidentialityImpact: "Partial", exploitabilityScore: null, id: "CVE-2014-0113", impactScore: null, integrityImpact: "Partial", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.9, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [], severity: [ { author: "NVD", id: "CVE-2014-0113", trust: 1.8, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-201404-570", trust: 0.6, value: "HIGH", }, { author: "VULMON", id: "CVE-2014-0113", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "VULMON", id: "CVE-2014-0113", }, { db: "JVNDB", id: "JVNDB-2014-002269", }, { db: "NVD", id: "CVE-2014-0113", }, { db: "CNNVD", id: "CNNVD-201404-570", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "CookieInterceptor in Apache Struts before 2.3.20, when a wildcard cookiesName value is used, does not properly restrict access to the getClass method, which allows remote attackers to \"manipulate\" the ClassLoader and execute arbitrary code via a crafted request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-0094. This vulnerability CVE-2014-0094 Vulnerability due to insufficient fix for.Through a crafted request by a third party, ClassLoader The \" operation (manipulate)\" And any code could be executed. Apache Struts is prone to a security-bypass vulnerability. \nAn attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. \nApache Struts versions 2.0.0 through 2.3.16.1 are vulnerable", sources: [ { db: "NVD", id: "CVE-2014-0113", }, { db: "JVNDB", id: "JVNDB-2014-002269", }, { db: "BID", id: "67081", }, { db: "VULMON", id: "CVE-2014-0113", }, ], trust: 1.98, }, exploit_availability: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { reference: "https://vulmon.com/exploitdetails?qidtp=exploitdb&qid=33142", trust: 0.1, type: "exploit", }, ], sources: [ { db: "VULMON", id: "CVE-2014-0113", }, ], }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2014-0113", trust: 2.8, }, { db: "SECUNIA", id: "59178", trust: 1.7, }, { db: "JVNDB", id: "JVNDB-2014-002269", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-201404-570", trust: 0.6, }, { db: "BID", id: "67081", trust: 0.3, }, { db: "EXPLOITDB", id: "33142", trust: 0.1, }, { db: "VULMON", id: "CVE-2014-0113", trust: 0.1, }, ], sources: [ { db: "VULMON", id: "CVE-2014-0113", }, { db: "BID", id: "67081", }, { db: "JVNDB", id: "JVNDB-2014-002269", }, { db: "NVD", id: "CVE-2014-0113", }, { db: "CNNVD", id: "CNNVD-201404-570", }, ], }, id: "VAR-201404-0287", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.1875, }, last_update_date: "2023-12-18T11:41:25.261000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Security Bulletins S2-021", trust: 0.8, url: "https://cwiki.apache.org/confluence/display/ww/s2-021", }, { title: "Download a Release of Apache Struts -- Full Releases Struts 2.3.16.2", trust: 0.8, url: "http://struts.apache.org/download.cgi#struts23162", }, { title: "1680848", trust: 0.8, url: "http://www-01.ibm.com/support/docview.wss?uid=swg21680848", }, { title: "1681190", trust: 0.8, url: "http://www-01.ibm.com/support/docview.wss?uid=swg21681190", }, { title: "NV15-001", trust: 0.8, url: "http://jpn.nec.com/security-info/secinfo/nv15-001.html", }, { title: "Text Form of Oracle Critical Patch Update - April 2015 Risk Matrices", trust: 0.8, url: "http://www.oracle.com/technetwork/topics/security/cpuapr2015verbose-2365613.html", }, { title: "Oracle Critical Patch Update Advisory - April 2015", trust: 0.8, url: "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html", }, { title: "April 2015 Critical Patch Update Released", trust: 0.8, url: "https://blogs.oracle.com/security/entry/april_2015_critical_patch_update", }, { title: "CVE-2014-0094 他 に関する影響", trust: 0.8, url: "http://software.fujitsu.com/jp/security/vulnerabilities/cve2014-0094-0114.html", }, { title: "Symfoware Server(Openインタフェース): Strutsの脆弱性(CVE-2014-0094, CVE-2014-0112, CVE-2014-0113, CVE-2014-0116) (2014年6月2日)", trust: 0.8, url: "http://software.fujitsu.com/jp/security/products-fujitsu/solution/symfoware_201402.html", }, { title: "FUJITSU Integrated System HA Database Ready: Struts2の脆弱性(CVE-2014-0094,CVE-2014-0112,CVE-2014-0113,CVE-2014-0116) (2014年6月19日)", trust: 0.8, url: "http://software.fujitsu.com/jp/security/products-fujitsu/solution/ha_db_ready_201401.html", }, { title: "struts-2.3.16.2-all", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=49668", }, { title: "Red Hat: CVE-2014-0113", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=cve-2014-0113", }, { title: "Oracle: Oracle Critical Patch Update Advisory - April 2015", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories&qid=4b527561ba1a5de7a529c8a93679f585", }, { title: "-maven-security-versions", trust: 0.1, url: "https://github.com/nagauker/-maven-security-versions ", }, { title: "maven-security-versions-Travis", trust: 0.1, url: "https://github.com/klee94/maven-security-versions-travis ", }, { title: "maven-security-versions", trust: 0.1, url: "https://github.com/victims/maven-security-versions ", }, { title: "victims", trust: 0.1, url: "https://github.com/tmpgit3000/victims ", }, { title: "victims", trust: 0.1, url: "https://github.com/alexsh88/victims ", }, ], sources: [ { db: "VULMON", id: "CVE-2014-0113", }, { db: "JVNDB", id: "JVNDB-2014-002269", }, { db: "CNNVD", id: "CNNVD-201404-570", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-264", trust: 1.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2014-002269", }, { db: "NVD", id: "CVE-2014-0113", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2, url: "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html", }, { trust: 2, url: "http://www-01.ibm.com/support/docview.wss?uid=swg21676706", }, { trust: 1.7, url: "https://cwiki.apache.org/confluence/display/ww/s2-021", }, { trust: 1.7, url: "http://secunia.com/advisories/59178", }, { trust: 1.7, url: "http://www.securityfocus.com/archive/1/531952/100/0/threaded", }, { trust: 0.8, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0113", }, { trust: 0.8, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0113", }, { trust: 0.3, url: "http://www.arubanetworks.com/support/alerts/aid-051414.asc", }, { trust: 0.3, url: "https://github.com/skavanagh/ec2box/releases/tag/v0.11.02", }, { trust: 0.3, url: "https://github.com/skavanagh/keybox/releases/tag/v2.10.03", }, { trust: 0.3, url: "http://struts.apache.org/", }, { trust: 0.3, url: "https://www-304.ibm.com/support/docview.wss?uid=swg21680848", }, { trust: 0.3, url: "https://www-304.ibm.com/support/docview.wss?uid=isg3t1020896", }, { trust: 0.3, url: "https://www-304.ibm.com/support/docview.wss?uid=isg3t1020893", }, { trust: 0.3, url: "http://struts.apache.org/development/2.x/docs/s2-021.html", }, { trust: 0.3, url: "https://www-304.ibm.com/support/docview.wss?uid=isg3t1020894", }, { trust: 0.3, url: "https://www-304.ibm.com/support/docview.wss?uid=isg3t1020895", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/264.html", }, { trust: 0.1, url: "http://tools.cisco.com/security/center/viewalert.x?alertid=33975", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://github.com/victims/maven-security-versions", }, { trust: 0.1, url: "https://www.exploit-db.com/exploits/33142/", }, ], sources: [ { db: "VULMON", id: "CVE-2014-0113", }, { db: "BID", id: "67081", }, { db: "JVNDB", id: "JVNDB-2014-002269", }, { db: "NVD", id: "CVE-2014-0113", }, { db: "CNNVD", id: "CNNVD-201404-570", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULMON", id: "CVE-2014-0113", }, { db: "BID", id: "67081", }, { db: "JVNDB", id: "JVNDB-2014-002269", }, { db: "NVD", id: "CVE-2014-0113", }, { db: "CNNVD", id: "CNNVD-201404-570", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2014-04-29T00:00:00", db: "VULMON", id: "CVE-2014-0113", }, { date: "2014-04-28T00:00:00", db: "BID", id: "67081", }, { date: "2014-04-30T00:00:00", db: "JVNDB", id: "JVNDB-2014-002269", }, { date: "2014-04-29T10:37:03.700000", db: "NVD", id: "CVE-2014-0113", }, { date: "2014-04-30T00:00:00", db: "CNNVD", id: "CNNVD-201404-570", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-08-12T00:00:00", db: "VULMON", id: "CVE-2014-0113", }, { date: "2015-05-07T17:38:00", db: "BID", id: "67081", }, { date: "2016-08-02T00:00:00", db: "JVNDB", id: "JVNDB-2014-002269", }, { date: "2019-08-12T21:15:12.563000", db: "NVD", id: "CVE-2014-0113", }, { date: "2019-08-15T00:00:00", db: "CNNVD", id: "CNNVD-201404-570", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201404-570", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Apache Struts of CookieInterceptor In ClassLoader Vulnerability manipulated", sources: [ { db: "JVNDB", id: "JVNDB-2014-002269", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "permissions and access control issues", sources: [ { db: "CNNVD", id: "CNNVD-201404-570", }, ], trust: 0.6, }, }
jvndb-2014-000045
Vulnerability from jvndb
Published
2014-04-25 15:37
Modified
2015-05-08 18:01
Summary
Apache Struts vulnerable to ClassLoader manipulation
Details
Apache Struts provided by the Apache Software Foundation is a software framework for creating Java web applications. Apache Struts contains a vulnerability where the ClassLoader may be manipulated.
NTT-CERT reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
Impacted products
{ "@rdf:about": "https://jvndb.jvn.jp/en/contents/2014/JVNDB-2014-000045.html", "dc:date": "2015-05-08T18:01+09:00", "dcterms:issued": "2014-04-25T15:37+09:00", "dcterms:modified": "2015-05-08T18:01+09:00", description: "Apache Struts provided by the Apache Software Foundation is a software framework for creating Java web applications. Apache Struts contains a vulnerability where the ClassLoader may be manipulated.\r\n\r\nNTT-CERT reported this vulnerability to IPA.\r\n JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.", link: "https://jvndb.jvn.jp/en/contents/2014/JVNDB-2014-000045.html", "sec:cpe": [ { "#text": "cpe:/a:apache:struts", "@product": "Apache Struts", "@vendor": "Apache Software Foundation", "@version": "2.2", }, { "#text": "cpe:/a:fujitsu:cloud_infrastructure_management_software", "@product": "Cloud Infrastructure Management Software", "@vendor": "FUJITSU", "@version": "2.2", }, { "#text": "cpe:/a:fujitsu:integrated_system_ha_database_ready", "@product": "FUJITSU Integrated System HA Database Ready", "@vendor": "FUJITSU", "@version": "2.2", }, { "#text": "cpe:/a:fujitsu:interstage", "@product": "Interstage", "@vendor": "FUJITSU", "@version": "2.2", }, { "#text": "cpe:/a:fujitsu:interstage_application_development_cycle_manager", "@product": "Interstage Application Development Cycle Manager", "@vendor": "FUJITSU", "@version": "2.2", }, { "#text": "cpe:/a:fujitsu:interstage_application_framework_suite", "@product": "Interstage Application Framework Suite", "@vendor": "FUJITSU", "@version": "2.2", }, { "#text": "cpe:/a:fujitsu:interstage_application_server", "@product": "Interstage Application Server", "@vendor": "FUJITSU", "@version": "2.2", }, { "#text": "cpe:/a:fujitsu:interstage_apworks", "@product": "Interstage Apworks", "@vendor": "FUJITSU", "@version": "2.2", }, { "#text": "cpe:/a:fujitsu:interstage_business_application_server", "@product": "Interstage Business Application Server", "@vendor": "FUJITSU", "@version": "2.2", }, { "#text": "cpe:/a:fujitsu:interstage_interaction_manager", "@product": "Interstage Interaction Manager", "@vendor": "FUJITSU", "@version": "2.2", }, { "#text": "cpe:/a:fujitsu:interstage_job_workload_server", "@product": "Interstage Job Workload Server", "@vendor": "FUJITSU", "@version": "2.2", }, { "#text": "cpe:/a:fujitsu:interstage_service_integrator", "@product": "Interstage Service Integrator", "@vendor": "FUJITSU", "@version": "2.2", }, { "#text": "cpe:/a:fujitsu:interstage_studio", "@product": "Interstage Studio", "@vendor": "FUJITSU", "@version": "2.2", }, { "#text": "cpe:/a:fujitsu:serverview", "@product": "ServerView", "@vendor": "FUJITSU", "@version": "2.2", }, { "#text": "cpe:/a:fujitsu:symfoware", "@product": "Symfoware", "@vendor": "FUJITSU", "@version": "2.2", }, { "#text": "cpe:/a:fujitsu:systemwalker_service_catalog_manager", "@product": "Systemwalker Service Catalog Manager", "@vendor": "FUJITSU", "@version": "2.2", }, { "#text": "cpe:/a:fujitsu:systemwalker_service_quality_coordinator", "@product": "Systemwalker Service Quality Coordinator", "@vendor": "FUJITSU", "@version": "2.2", }, { "#text": "cpe:/a:fujitsu:systemwalker_software_configuration_manager", "@product": "Systemwalker Software Configuration Manager", "@vendor": "FUJITSU", "@version": "2.2", }, { "#text": "cpe:/a:fujitsu:triole", "@product": "TRIOLE", "@vendor": "FUJITSU", "@version": "2.2", }, { "#text": "cpe:/o:misc:miraclelinux_asianux_server", "@product": "Asianux Server", "@vendor": "Cybertrust Japan Co., Ltd.", "@version": "2.2", }, ], "sec:cvss": { "@score": "7.5", "@severity": "High", "@type": "Base", "@vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "@version": "2.0", }, "sec:identifier": "JVNDB-2014-000045", "sec:references": [ { "#text": "http://jvn.jp/en/jp/JVN19294237/index.html", "@id": "JVN#19294237", "@source": "JVN", }, { "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0094", "@id": "CVE-2014-0094", "@source": "CVE", }, { "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0112", "@id": "CVE-2014-0112", "@source": "CVE", }, { "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0094", "@id": "CVE-2014-0094", "@source": "NVD", }, { "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0112", "@id": "CVE-2014-0112", "@source": "NVD", }, { "#text": "http://www.ipa.go.jp/security/ciadr/vul/20140417-struts.html", "@id": "[Updated] Security Alert for Vulnerability in the \"Apache Struts2\" (CVE-2014-0094)(S2-020)", "@source": "IPA SECURITY ALERTS", }, { "#text": "http://www.kb.cert.org/vuls/id/719225", "@id": "VU#719225", "@source": "CERT-VN", }, { "#text": "http://www.konakart.com/downloads/ver-7-3-0-0-whats-new/", "@id": "Ver 7.3.0.0 - What’s New?", "@source": "Related document", }, { "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html", "@id": "CWE-DesignError", "@title": "No Mapping(CWE-DesignError)", }, ], title: "Apache Struts vulnerable to ClassLoader manipulation", }